What are use cases for getting an ipv6 /64 subnet per server

networking ipv6

I am somewhat new to the whole networking topic and am trying to understand why certain things are the way they are.

Right now I am struggling to understand why you get a whole /64 ipv6 subnet for each server when renting one. Is it because the are just enough addresses anyway and we might as well assign them? Or are there actual use cases? I find it hard to imagine that a single server could make use of that many addresses anyway. Would it then not be better to allow for more subets in the first place?

I know that there is an absurd amount of ipv6 addresses available, so wasting them is not really a concern. But on the other hand I think giving a /64 to each server is effectively cutting the total amount in half, which seems strange considering that ipv4 has been thought to be enough as well.

Thanks!


Even the upper 64 bits of the address is enormous. IANA started with 2000::/3 which is enough for thousands of /48s for every human on the planet. Each of these /48s have 64 thousand /64s. Not IPs, subnets. I do not consider this likely to run out, but if it did, IANA could start another /3.

Stop counting hosts, that is IPv4 thinking. The standards intend the lower half to be the interface ID, and in some cases determined by the host. Cutting in half like that means /64 is the smallest net size, and so is the atom of allocation in many systems. Even for use cases where only one IP is common, it is convenient to reserve the entire /64 in IPAM.

Test this prefix is routed to your rented server before congratulating your service provider on the big space to play in. Say your host is 2001:db8:c7bb:8f34::1622/64. Enable routing. Start a service listening on a different IP, say 2001:db8:c7bb:8f34::443. If you can access this from the outside, great! If not, have a conversation with your hosting on the difference between on-link addressing, and actually routing prefixes.


One of the cases where having /64 IPv6 subnet for single server is important is email sending.

Most of the antispam blacklists block on at least /64 subnet level, sometimes (repeating offenders) even on larger subnets.

Spamhaus documents this under "IPv6 Blocklist minimum range" here.

If you only had single address (or anything smaller than /64) you would be affected by spamming activities of your neigbors in the datacenter.

Related

In OVH, how to connect 2 VMs, each one in a ProxMoxServer, using vrack?
ldapsearch keeps failing even though the username/password supplied are correct
Problems with deploy
What happens if two computers have the same MAC?
Sql Server Standard 2019 Core Licensing [duplicate]
ActiveMQ Artemis: TLS certificate reload
Netflow records with Destination Ports 1025,257 and Protocol as ipv6-icmp
What is the 'page lifecycle' of an ASP.NET MVC page, compared to ASP.NET WebForms?
How to implement a ConfigurationSection with a ConfigurationElementCollection
Aggregation versus Composition [closed]
How to securely save username/password (local)?
Is there a good charting library for iPhone? [closed]