New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
IPv6: One /64 per root server or higher?
Kaulkwappe
Member, LIR
in General
In IPv6 the standard is to give each device a /64 subnet. So for example if a customer has three vServers, he will get a /64 subnet for each vServer.
But what, when a customer has a dedicated root server which is capable to host many vServers? Do you then assign a /64 to this root server too, or a bigger subnet, for example a /56? Or do you generally reserve a /56 or /48 for each customer so he can request additional /64s for his needs?
Comments
I think this depends on the provider, but most providers simply allocate a /64 for any kind of vps regardless of size/specs. I suppose you could easily get a /56 by asking support, though some may charge you a fee.
No matter whether it's for a 256MB VPS (used e.g. as a dualstack VPN server) or for a $500 brand new dedi. Just give a /48 or /56 -routable/routed- to each customer. and let them deal with it. Even a meager /64 (equivalent to "one IPv4") severely restricts usability.
That is exactly why I think about, so my way would be:
/64 per VM is fine. But please allow dedicated customers to get more than a /64 per server - especially for the use case you listed.
IPv6 allocation is one of the very few things online.net got right, maybe there's some inspiration to get there.
A /48 per customer for life, encompassing as many /56 as you have servers (and as many /64 as you have extra IPv4s), everything is announced via dhcpv6 with prefix delegation.
Yes unfortunately "they" often do.
^ While this would be ideal instead.
No.
When managers hear "business customer", they get eyes like this:
And getting a reasonable amount of IPv6 space for which you have an actual use should never be a paid addon.
What exactly do you mean?
I absolutely agree to that.
IPv6 is 128 bit. A "meager /64" is 2^64 IPs - which of course is sufficient only for the smallest of VPS as each and every customer obviously needs the equivalent of todays IP4 address space to the quare ...
Image doesn't display for you? I mean at least in telecom there's the constant attempt to charge "business customers" 10-100x more compared to what a private customer pays, while providing about the same level of service. (Better support, SLAs and such are largely a myth/excuse).
In this case, IPv6 is not a scarce resource so it should not justify any additional charges simply based on what customers uses it for.
I see. Would you assign a /48 for all customers? That would be absolutely no problem, but isn't a /56 more suitable for a private customer?
One IPv6 /64 subnet today is what one IPv4 /32 address was in the past, so they are equivalent. That is, as far as I now, the convention nowadays, due to many different technical reasons.
For the sake of simplicity, we assign a /64 to all VPS customers and a /48 to each dedicated server customer.
No. Just because a bunch of weirdo believers declare that 2 to the power of 64 is somehow equivalent to one of todays IP4 addresses doesn't make it so. Neither math nor the universe will change for some idiots (not even when they are many).
In case you are still interested in logic: How did we end up with not having enough IP4s? Because some idiots handed out /8s and /16s like free lollipops. The IP4 address space is 2^32 which is about half of todays world population and would be sufficient for another couple of decades - IF only actually (end demonstrably) needed addresses had been given out there wouldn't be a lack of IP4 addresses in the first place.
So what does the weirdo believers idiot gang do? Right, they REPEAT the very pattern that drove us into problems back then, only this time they do it really big, preaching that "only" 2^64 IPs are almost not enough and one should have about 65000 times more IPs per customer. So, prepare for IPv8 in some decades ...
Afaic, besides me not using IPv6 equipment, I would hand out /124 unless customer can credibly show a tangible and reasonable need for more.
There are reasons why people hand out /64's ... such as using SLAAC within their network. There is absolutely no reason why you should be handing out /124's to customers. None at all.
Assuming the world has 8 billion people, you could hand out 2305843009 /64 IPv6 subnets to EVERY SINGLE PERSON. I don't think we'll run out of IPv6 any time soon.
Yes. They are idiots of a weirdo sect.
No, very often there are NOT. Keep in mind that we talk about VPS here or some dedi at best.
If a single IPv6 address can not do/provide what a single IP4 address can do/provide then IPv6 is a design failure.
Assuming there are some ten thousand computers, you can liberally hand out /16s and even/8s - but there is a problem: we can't know the future. Evidently and provably (that's why we are in todays situation).
Repeating the very pattern from back then simply indicates idiocy, pardon me.
I'd say a /56 would be enough for most, but if someone wants to make a VPN or tunnel service on your dedi and they want to assign, say a /60 or a /56 to each of their customers, there should not be a pricetag attached to the mere fact of giving them a /48.
Why on earth do you need a /48?
Let's do some math here..... the whole IPv6 set is a 128 bit length address. Half of that, a /64, contains 64 bits worth of ip address spacing. Which is 2 to the power of 64, or 2 ^ 64 addresses. That is 18,446,744,073,709,551,616 addresses you could use.
https://www.ripe.net/about-us/press-centre/understanding-ip-addressing
Why would you need more than 1 /64? Will namely if you were hosting multiple customers... Like an ISP, Server Hoster, Etc. Each /64 address space is intended for a single customer to use.
Now.... How many /64s are in a /48? 2 ^ 16 = 65,536 /64s.... So why do you need 65 THOUSAND address spaces times 18,446,744,073,709,551,616.
And yes, a /48 is far too much for one server. It would never be used, even if you were only doing 1 ipv6 address from each subnet.
Further, a /48 is an announcement block intended for an entire ISP.
Guys and gals, you're welcome to visit the link in my signature. (That's not overly difficult, and would be a good start)
From that article: "IPv6 is a vast resource, vast at a scale that most of us have a hard time envisioning."
Exactly the same has been said for IP4 a few decades ago - and it turned out to be wrong. Because the future has not been, is not and will not be merely a linear evolution of today.
"IPv6 will have its big break-through very soon" has been said often times - and turned out to be wrong every time. For good reasons. One of them being that - even with IPv6 pervert schemes - virtually no single person needs even just a /96 (which, just as a reminder, would be the total address space of todays IP4).
Assigning anything bigger than a /64 is pure idiocy.
It only take 1 bad client to make all your other clients get blacklisted in anywhere.
Not just that, there are many other uses to having smaller than /64 prefixes as well.
A /48 or in worst case a /56 per client makes sense. Let them use it anyway they require anyway they deem fit.
Jumping back in time:
As I said: Many IPv6 proponents not only repeat but even preach to repeat the very pattern that landed us in sh_t ...
Not so much.
That is exactly why ipv6 was invented. Check the maths within these pages.
You are thinking as far as a vps only customer can think. And even to home users, assigning a /56 or /48 is encouraged, let alone VPSes.
Do not forget that not all clients have the same use policy or needs. Not everyone need just 1 address for their nginx.
And even /48s get blacklisted for various reasons. You can not doom a client because of anothers fault.
Why should my IPv6 /32 where my other clients get their /48s from get blacklisted only because one /48 of the 64K /48s is abused by one client?
Sorry, I guess I misunderstood you.
bigger/smaller... I never got to use them properly ever. Bigger here meant "64, 65, 66" or like "if bgp_path.len > 64 then reject;"
And it only takes 1 client to get the whole /64 or even /48 in some cases to be blacklisted.
Correct, just edited it
Yes, because the /64 per device is a standard. Nobody will expect or want an ISP to share one /64 with multiple clients, e.g. email spam blacklists will always block the /64 subnet and not a single IPv6 address.
That's commonly called "longer" (as in prefix length).
Do you have any actual arguments or is authority quoting and painting me as clueless all that you have on offer?
How, for example, about providing sensible and tangible reasons for the presumed need of, say, 98+% VPS or dedi customers for, say, a modest /96? And please note that I do not say that there is nobody needing more than 2^32 IPs; what I say is that the vast majority does not need even a /96 - but feel free to convince me otherwise.
To not make too much difference between the clients and to prevent fragmentation of the space. Even for ISPs the goal was that an ISP only has exactly one allocation and can use it forever because the space is so huge. Without any need to request new space the next hundred years. That allows the highest possible flexibility for now and for a very long time. If you only give them resources they really need, they don't have that flexibility. Maybe they also have to change spaces to make things perfect (it is unlikely that they can do that if the space was in use).
And for that having the equivalent of todays complete IP4 address space is not good enough? How realistic is it to expect a not insignificant number of end customers needing the SQUARE of todays complete IP4 address space and to even consider that somewhat tight?
"Weirdo", "idiot", and a bunch of mathematical misconceptions. Actual arguments are definitely not your forte, I'd say
Please, kindly show me my "mathematical misconceptions" so that I can learn.