Mailing List Archive

On Thu, Apr 14, 2005 at 10:19:35AM +0100, Colin Whittaker wrote:
> Hello all, AS1213 here.

Hi Colin, nice to see you joined! Let Dave know too. ;)

> All my googling has failed to turn up any recomendations for doing
> hsrp/vrrp with ipv6 except for a ietf draft from 2003.
>
> Has anyone else found a good solution to this.

Unfortunately not. I know of no vendor who have implemented VRRPv6
yet. As far as I can see, best (only) thing you can do now is use
Router Advertisements with very short timers to announce default
routes to your hosts. You can limit RAs to just providing default,
not advertising stateless autoconfig capability if you don't want your
servers to do that.

Let's see what other folks here come up with... it's certainly an
interesting question.


Best regards,
Daniel

--
CLUE-RIPE -- Jabber: dr@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0

On Thu, Apr 14, 2005 at 10:19:35AM +0100, Colin Whittaker wrote:
> Hello all, AS1213 here.
>
> I am currently trying to complete the last step in gving our IPv6
> network feature parity with the IPv4 network which is providing
> redundant lan gateway for our colocation and hosting customers and our
> own services. These would include our sixxs pop and our sourceforge
> download server along with the usual colection of network management /
> web / email servers.
>
> The current IPv4 HSRP gateways are Cisco 6500 with sup720s and one of
> these is the IPv6 gateway.
>
> All my googling has failed to turn up any recomendations for doing
> hsrp/vrrp with ipv6 except for a ietf draft from 2003.
>
> Has anyone else found a good solution to this.

What I have found in the Cisco docs, but didn't test yet, was the idea
of using an anycast address configured on all gateways, using that IP
as the default gateway on the hosts and letting ND take care of the
redundancy. Haven't really tested it, though, and it also looks like
the Juniper side of things is still missing.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20050414/a47ae8a5/attachment.bin

> Date: Thu, 14 Apr 2005 11:50:14 +0200
> From: Daniel Roesen <dr@cluenet.de>
> Subject: Re: Reliable lan service
> To: ipv6-ops@lists.cluenet.de
> Message-ID: <20050414095014.GA31383@srv01.cluenet.de>
> Content-Type: text/plain; charset=us-ascii
>
> On Thu, Apr 14, 2005 at 10:19:35AM +0100, Colin Whittaker wrote:
>> Hello all, AS1213 here.
>
> Hi Colin, nice to see you joined! Let Dave know too. ;)
>
>> All my googling has failed to turn up any recomendations for doing
>> hsrp/vrrp with ipv6 except for a ietf draft from 2003.
>>
>> Has anyone else found a good solution to this.
>
> Unfortunately not. I know of no vendor who have implemented VRRPv6
> yet. As far as I can see, best (only) thing you can do now is use
> Router Advertisements with very short timers to announce default
> routes to your hosts. You can limit RAs to just providing default,
> not advertising stateless autoconfig capability if you don't want your
> servers to do that.
We (Cisco) have HSRP for IPv6 and will soon release under Early Field
Trials. Get a hold of your Cisco contact and they can get you signed up for
the EFT.

Daniel is correct that today you can lower your RA (ipv6 nd reachable-time
<time in msec>) to trigger faster response from NUD on the client/server.
Without HSRP/VRRP/GLBP functionality for IPv6 a host would still failover to
a secondary router (via default-gateway entries learned from RAs) within 30
seconds based on traditional NUD activity. Lowering the reachable-time
value to something like 5000 msec would allow a client/server to flush the
dead neighbor (primary GW) and use the secondary GW within 5 seconds.

If you are interested in more info on the reachable-time operation then
unicast an email to me.

Again, all of this is a useless function once you have a full-scale FHRP
running like HSRP. It is nice to know that there is redundancy functions
built into the basic stack for IPv6 though. ;-)
>
> Let's see what other folks here come up with... it's certainly an
> interesting question.
>
>
> Best regards,
> Daniel
>
> --
> CLUE-RIPE -- Jabber: dr@cluenet.de -- dr@IRCnet -- PGP: 0xA85C8AA0
>

I guess some of you have not heard of OpenBSD yet then.

$ ifconfig carp1
carp1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
description: dmz
carp: MASTER carpdev ne3 vhid 2 advbase 1 advskew 10
inet X.X.X.X netmask 0xfffffff8 broadcast X.X.X.X
inet6 2001:XXXX:XXXX::1 prefixlen 64
$

SEE ALSO
http://www.openbsd.org/cgi-bin/man.cgi?query=carp

Note:

HISTORY
The carp device first appeared in OpenBSD 3.5.

(which means 1year ago or so).

Colin Whittaker wrote:
> All my googling has failed to turn up any recomendations for doing
> hsrp/vrrp with ipv6 except for a ietf draft from 2003.

Daniel Roesen wrote:
> I know of no vendor who have implemented VRRPv6 yet.
--
Todd Fries .. todd@fries.net

_____________________________________________
| \ 1.636.410.0632 (voice)
| Free Daemon Consulting, LLC \ 1.405.227.9094 (voice)
| http://FreeDaemonConsulting.com \ 1.866.792.3418 (FAX)
| "..in support of free software solutions." \ 1.700.227.9094 (IAXTEL)
| \ 250797 (FWD)
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

37E7 D3EB 74D0 8D66 A68D B866 0326 204E 3F42 004A
http://todd.fries.net/pgp.txt

On Tue, Apr 19, 2005 at 02:39:49PM -0500, Todd T. Fries wrote:
> I guess some of you have not heard of OpenBSD yet then.
>

Yes we have! And it does indeed rock, but I think what the others want to do
is enable HSRP/VRRP on existing infrastructure and not have to introduce yet
another access method.

If you have a 2 CAT6500's, it's more desirable to be able to provide the
resiliancy with them, rather than having to add some OpenBSD boxes into the
mix.

Dave

--------------------------------------------------------------
Dave Burke () ascii ribbon campaign
Senior Unix Systems Engineer /\ Support plain text e-mail
BT Ireland www.btireland.ie

Hi all,

AS30071 here.

Todd T. Fries wrote:

>I guess some of you have not heard of OpenBSD yet then.
>
>
Many of us have. But many of us are not using OpenBSD to run the
network, hence the need for VRRPv6 support.

-J

--
James Jun
Infrastructure and Technology Services
TowardEX Technologies
Office +1-617-459-4051 x179 | Mobile +1-978-394-2867
james@towardex.com | www.towardex.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: james.vcf
Type: text/x-vcard
Size: 298 bytes
Desc: not available
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20050419/4cc0d961/james.vcf

On Tue, 19 Apr 2005, James Jun wrote:

> Hi all,
>
> AS30071 here.
>
> Todd T. Fries wrote:
>
>> I guess some of you have not heard of OpenBSD yet then.
>>
> Many of us have. But many of us are not using OpenBSD to run the network,
> hence the need for VRRPv6 support.
>

Or ask vendor to implement carp, which is vendor neutral and no IPR
dispute involved in it.

Regards,

Janos Mohacsi
Network Engineer, Research Associate
NIIF/HUNGARNET, HUNGARY
Key 00F9AF98: 8645 1312 D249 471B DBAE 21A2 9F52 0D1F 00F9 AF98



> -J
>
> --
> James Jun
> Infrastructure and Technology Services
> TowardEX Technologies
> Office +1-617-459-4051 x179 | Mobile +1-978-394-2867
> james@towardex.com | www.towardex.com
>
>