Hi
While watching ipv6 design and deployment course on safari, i came across a cool addressing design tip.
As an organisation, you will get a /48 address space, which gives you 16 bits for subnets which equals 65535 subnets. A good idea, especially taking into account how firewall rules are created is to use first 4 bits for traffic type, next 4 bit for the location, next 4 bit for the building and last 4 bits for the floor.
In an example address 2001:db8:0001:8149:: we have traffic type 8, location 1, building 4, floor 9. If a fw admin wants to ban only this traffic type in this particular location across all buildings and floors, he (or she 😉 will have an easy job configuring an deny acl for 2001:db8:0001:8100/56, and in the future this can be modified to include all locations only by changing one hex character to 2001:db8:0001:8000/52
So cool.
My name is Tomek De Wille. Welcome to my network blog. 