Operations grimoire/IPv6

From Nasqueron Agora
Revision as of 12:40, 11 June 2023 by Dereckson (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

📕📁📜 Old technical information :: content warning

⌛ This Nasqueron Operations Grimoire page hasn't been updated for a long time.

☣ As our infrastructure evolves quickly, there is a good chance this information is outdated or now inaccurate. Be careful and consider update it.

➡️ To assert the information is still up-to-date or not, you can check the history of the relevant role in our Operations repository.

Nasqueron uses a dual-stack IPv4/IPv6, as far as possible, for public ICANNnet addresses.

Depending of the servers, this can use a Hurricane Electric tunnel, or native network IPv6 from Scaleway or OVH networks.

Quality and stability of the IPv6 network is provider dependant: HE is clearly reliable while ISP networks are not as routing configuration is difficult and badly documented.

Configuration can be found in rOPS: roles/core/network.

Notes about ISP

Online

Online assigns /48 prefix by account, /56 prefix by server. A prefix is protected by DUID, so DCHP client use is mandatory.

There is no available gateway information.

Routing seems stable, if we can figure the route to the gateway first.

OVH

OVH assigns /64 prefix, with a gateway outside (it's in the /56), without DUID security.

Routing is capricious, with routes suddenly stopping to work.

HE

It works really fine, but a 30 ms penalty lag can sometimes be applied by comparison of native solutions. Yet, sometimes, it can be faster.

Notes by OS

FreeBSD

As DCHP client, isc-dhcp44-client works fine. Previously, we used Dibbler, but it's unmaintained.