Skip to main content

Search

Welcome to VirtualSME Support

Getting started with IPv6 Blueprint

David Edwards-Hall
  • Updated

The IPv6 Blueprint tab has a number of sub-tabs that together provide the blueprint for how IPv6 address management is organised. Each subpage is listed below.

 

IPv6 Addressing

This feature defines the addressing practices and allocation guidelines that apply to network elements in your Sites.

The following is an example of a network element that has been configured in VirtualSME:

address guideline.png

In this example, Point-to-point links will have the following criteria applied:

  • An address type of ULA.
  • A prefix length of 127
  • A block size of 64

Each /127 prefix will be taken from a separate block for ease of management. (See the Best Practice column for these details.)

Click on the pencil icon in the Action column to edit the displayed settings.

 

Related Articles


IPv6 Security

This feature enables you to switch on or off selected IPv6 security features across all sites, in the following format:

IPv6 security.jpeg.png

The security features include:

  • Router Advertisement (RA) Guard - Prevents rogue IPv6 routers from sending fake Router Advertisements that could hijack traffic or cause denial of service attacks on your network.
  • DHCPv6 Guard - Blocks unauthorised DHCPv6 Servers from distributing IPv6 addresses.
  • IPv6 Access Control Lists (ACLs) - Filters IPv6 traffic based on source/destination addresses, protocols, and ports.
  • IPv6 Neighbor Discovery (ND) Inspection - Validates IPv6 Neighbor Discovery messages to prevent ND spoofing attacks.

Related Article

 

IPv6 Infra Services

This features enables you to switch on or off the IPv6 infrastructure services that will be deployed across all sites. 

Infra.png

The infrastructure features are categorized as follows:

  • Network Management - includes Syslog Server, NTP Server, DNS Server, and Net Flow/IPFIX Collector.
  • Authentication & Authorization - includes TACACS+ Server and LDAP Server, and Networking Monitoring System.
  • Security Services - includes Firewall Management, VPN Gateway and IPSec Management Server.
  • Application Services - includes Proxy, Email and Web Servers, Validates IPv6 Neighbor Discovery messages to prevent ND spoofing attacks.
  • Cloud & Integration - includes API Gateway, Cloud Gateway and SD-WAN Controller.

Related Article

 

 

 


 

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk