How to better understand IPv6 to block requests

ipv4 ipv6

You can never be 100% sure, because various ISPs and hosting providers do things differently (and sometimes very very wrongly). But as a rule a cloud provider will assign a /64 to a virtual network, and every VM in that virtual network will get IP addresses from within that /64 in various different ways. Providers leasing bare metal ("dedicated") servers typically assign a /64 to each physical machine.

It gets a bit more complicated for home connections, but as a rule, unless the subscriber has made configuration changes (few do, as for the most part it's IT pros who want more than a /64 at home) they also will have a /64 for their entire residence.

So, as the above suggests, blocking the /64 is likely to get rid of most malicious actors who know how to rotate their IPv6 address.

You may find RFC 6177 interesting reading. Mainly as a baseline to see how various providers do it wrong.

Related

Docker Registry pull/push 443 only
Windows GPO printer deployment not appearing for new profiles
default session file Permits
Removing httpd built from tarball
Windows 7 Taskbar Auto-Hide
How to increase actual size of hard disk in VirtualBox?
Can I mix and match ethernet over powerline plugs?
Network drive constantly remaps at startup
Where are Windows 10 folder icons located?
What is the difference between a name and a DNS name?
Control external audio amplifier with OS volume
Can I get Notepad++-style vertical selection with arrow keys in Sublime or Atom?