You are not logged in.

#1 2020-11-20 08:40:36

schard
Member
From: Hannover
Registered: 2016-05-06
Posts: 1,932
Website

[SOLVED] IPv6 network for VPN

I am planning a migration of a company-internal VPN, which is used to remotely administer digital signage systems and transfer content to them, from OpenVPN with IPv4 to WireGuard with IPv6.
While I'm pretty experienced with IPv4 and both VPN technologies, there's much that I don't yet fully understand about IPv6.
My problem and primary question is, what network range I should select for the IPv6 WireGuard network.
I have read about Link-Local-Addresses and Unique Local Unicast.
The latter seems to specify randomly generated IPv6 addresses when the prefix fd is used.
Globally assigned ULAs with the fc prefix are considered to be non-random.
Coming from IPv4 I usually used 10.x.y.z/n for private IPv4 networks in VPNs, so the different possibilies of approaching private addresses in IPv6 are a bit overwhelming for me.

tl;dr: Which strategy / address range should I use? Where can I get a comprehensive overview, that is more informative than Wikipedia and less technical than the actual RFCs?

Solution
I also asked this on SE/ServerFault.
My solution is to use ULA addresses, since they are not routed globally and have a low collision probability.

Last edited by schard (2021-06-23 08:23:46)

Offline

Board footer

Powered by FluxBB