Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Does it make sense to allocate vps with /64?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Does it make sense to allocate vps with /64?

I think it makes sense to allocate at least a /64 for a dedicated server as there might be virtual networks inside the dedicated server. Some vps also comes with a /64, for example vultr. I'm wondering how much sense does it make for a vps to own a whole /64? Should the providers provide each vps with a /64? Your ideas?

Comments

  • ClouviderClouvider Member, Patron Provider

    Yes, providers should, it's a best practise to do so.

    And also, should the VPS use email, if there is some spam activity then the entire /64 will be blacklisted, therefore penalising your legitimate Customers.

    Thanked by 1elgs
  • KuJoeKuJoe Member, Host Rep

    Per VPS? No.

    Per client? Yes.

  • ClouviderClouvider Member, Patron Provider

    A bit too restrictive in my opinion. customers should be assigned with up to /48 for their use.

  • Even /64 is not enough if you ask me.
    For a client? No. For each vm/dedi/interface, yes.

    Without a /64 you can't dhcp assign those IP's either and everybody has different uses.

    Maybe you can assign the /64 to the client but when needed you should be able to provide more.

    Like @clouvider said, in case of blacklistings that becomes a problem. So I think each /64 is like an IPv4 /32 when you think like that.

    Thanked by 2Clouvider rm_
  • I think it makes sense to think about a /64 as a reputation unit. However, does a vps really need to run dhcp inside?

  • KuJoeKuJoe Member, Host Rep
    edited November 2015

    If a client needs more than 18,446,744,073,709,551,616 of my IPs for a handful of VPSs then they are doing something wrong.

  • @KuJoe said:
    If a client needs more than 18,446,744,073,709,551,616 of my IPs for a handful of VPSs then they are doing something wrong.

    Maybe it's your thinking that is wrong.
    For example for each VPN on each machine I need a different /64. Without it I can't give IPv6 to connecting clients and you think I am wrong? Other than that I need a separate /64 for each Web host. As I said before, everybody has different uses. Since you don't use it like that doesn't mean your client shouldn't.

    Or do you want to give a /128 for each client?

  • ClouviderClouvider Member, Patron Provider

    @KuJoe you clearly ignore the principles behind IPv6... Don't think of IPv6 as you thought about an IPv4. These are completely different addressing systems.

    I really don't feel like quoting the same RIR policies over and over again, this subject was discussed so many times here, on WHT and in countless other boards.

    Thanked by 3Nomad Amitz NeoXiD
  • @Clouvider said:
    I really don't feel like quoting the same RIR policies over and over again, this subject was discussed so many times here, on WHT and in countless other boards.

    Thanks @Clouvider, but please be patient. This is an important process to make things clear and perceived.

  • KuJoeKuJoe Member, Host Rep
    edited November 2015

    @Nomad said:
    Or do you want to give a /128 for each client?

    Nah, a /64 is plenty. If you need more than a /64 you should probably get your own IP space (since it's free) and call it a day. ;)

    @Clouvider said:
    KuJoe you clearly ignore the principles behind IPv6... Don't think of IPv6 as you thought about an IPv4. These are completely different addressing systems.

    I really don't feel like quoting the same RIR policies over and over again, this subject was discussed so many times here, on WHT and in countless other boards.

    Not really, keep in mind that the infrastructure has a lot more to do with IP allocations than policies on paper. :) A /64 is fine for the normal user and if they need more they can get more themselves.

  • @KuJoe said:
    Not really, keep in mind that the infrastructure has a lot more to do with IP allocations than policies on paper. :) A /64 is fine for the normal user and if they need more they can get more themselves.

    Yeah, a normal user as in a home user.
    People who use webservers have different needs though.

    If it were up to me I'ld use a different /64 for each client's mail domain as well.

    Maybe you don't have enough IP space to provide more, that might be the reason you are reluctant. Or maybe you don't give a damn to IPv6.

    Some people does.

    And a provider should provide.
    Ask for more money if you want, but don't think your logic applies to everyone and every scenario.

    Thanked by 2rm_ Amitz
  • Should ask Strato AG about this ;) . You only get /128 with them and additional costs money. They see IPv6 as IPv4 in terms of giving addresses. So 2 IPs in their plan means 1 IPv4 /32 and a /128 IPv6.

    Paying way too much... but atleast the service is reliable.

  • KuJoeKuJoe Member, Host Rep
    edited November 2015

    @Nomad said:

    No need to get upset, this is a friendly discussion. I never said my opinion applied to everyone, I answered a question based on my opinion since there is no right or wrong answer because, as you pointed out, everybody has different needs. :)

    At the end of the day, just because I "only" give out a /64 per client per location doesn't mean that client can only use that /64 provided since you can get a couple /48s from various places for free these days. That's the beauty of the internet in 2015. :)

    Thanked by 1elgs
  • Nomad said: Without a /64 you can't dhcp assign those IP's either and everybody has different uses.

    AFAIK you can DHCPv6 any sized subnet you want. You need a /64 for SLAAC - these are not the same thing. On a system not acting as a router (eg VPN/VM host) I would just statically assign IPv6 anyway, so no need for dhcp /or/ slaac.

    As others have said - this is how things are meant to work. I'm sure $1/month VPSs were not in the minds of the people who made up these standards, but you're too late to change them now - just live with the unused bits. You're probably not using all 65536 TCP ports available to you either, but the Internet seems to keep going.

    IPv6 will not become anywhere near as valuable as IPv4 in your lifetime - so there's little sense in hoarding them. As long as you're allocating them in line with current guidelines (/48 or /56 per customer) you can get plenty more easily. If you really only want to assign less than a /64 to a customer (perhaps hoping to charge them more if they want more than 1 IPv6?) please at least block out the whole /64 so its not allocated to anyone else.

  • ClouviderClouvider Member, Patron Provider

    Thanks Clouvider, but please be patient. This is an important process to make things clear and perceived.

    Ok.

    http://www.ipv6forum.com/dl/presentations/IPv6-addressing-plan-howto.pdf

    Page 7.

    Heads up - this manual is officially recommended by RIPE and linked on their website.

    Thanked by 1elgs
  • ClouviderClouvider Member, Patron Provider

    Nomad said: Yeah, a normal user as in a home user. People who use webservers have different needs though.

    It is advised to allocate a /56 to a home connection. Many ISPs do that already, for example Enta in the UK, that supplies our NOC with backup, and my home as a primary.

    Thanked by 2rm_ ValdikSS
  • @Clouvider said:
    Heads up - this manual is officially recommended by RIPE and linked on their website.

    Thank you for the link. It's very informative, yet not too long/scary to read. :)

    Thanked by 1Clouvider
  • @tehdan said:
    IPv6 will not become anywhere near as valuable as IPv4 in your lifetime - so there's little sense in hoarding them. As long as you're allocating them in line with current guidelines (/48 or /56 per customer) you can get plenty more easily. If you really only want to assign less than a /64 to a customer (perhaps hoping to charge them more if they want more than 1 IPv6?) please at least block out the whole /64 so its not allocated to anyone else.

    And how do you plan to pass dns information with SLAAC? AFAIK, you can't do so. You might want to use them together but not just SLAAC.

    @KuJoe said:
    No need to get upset, this is a friendly discussion. I never said my opinion applied to everyone, I answered a question based on my opinion since there is no right or wrong answer because, as you pointed out, everybody has different needs. :)

    And what made you think I'm not friendly? (:
    I'm just stating that your way of thinking is wrong.

    Sure, with dirt cheap VPS'es you might want to limit them to earn more or only hand them out to those who really will use it. I'ld respect that. But if when even a home connection gets the same or more amount of ipv6 subnets, I'ld always be opposed to such way of thinking. Don't get it personal. I'm against the idea.

    Because most providers are short-sighted when it comes to IPv6, it still didn't gain much popularity. They just don't know what or how to do things.

    I'ld say RIPE's outline is pretty good. And a customer should be able to get a /56 or even /48 when needed.

    Me? Yeah, I'm with happy with my /48.

  • KuJoeKuJoe Member, Host Rep

    tehdan said: If you really only want to assign less than a /64 to a customer (perhaps hoping to charge them more if they want more than 1 IPv6?) please at least block out the whole /64 so its not allocated to anyone else.

    When we decided on the /64 per client, /64 was the recommended allocation for end-users, did this change and when?

    And yes, the client gets the whole /64 and can pick which IPs they want to use from that /64 and no, we wouldn't charge for IPv6 but our software only handles /64s from a single /48 for each location so there's no way we could give clients more than a /64 even if we wanted to (not to mention we limit each VPS to 128 IPs total by default, but that's for a completely different reason).

  • elgselgs Member
    edited November 2015

    @Clouvider said:
    Heads up - this manual is officially recommended by RIPE and linked on their website.

    The whole page 7 is like a billionaire is talking about how inconvenient it is to carry only a million dollars. Just kidding. :D But it's really informative and useful.

  • tehdantehdan Member
    edited November 2015

    Nomad said: And how do you plan to pass dns information with SLAAC? AFAIK, you can't do so.

    You can, I do. See RFC6106.

  • NyrNyr Community Contributor, Veteran

    @KuJoe said:
    our software only handles /64s from a single /48 for each location so there's no way we could give clients more than a /64 even if we wanted to

    You could still give a /64 per VPS or a /56 per client, which is what many ISPs with proper IPv6 implementations do.

    In your case, OpenVZ will limit the usability of each /64 sadly.

    Thanked by 2tehdan Clouvider
  • tehdantehdan Member
    edited November 2015

    @KuJoe - I presume you're referring to RFC3177, although it doesn't contain the term /end[-\s]?user/i anywhere. By my reading it pretty much says 'just give everyone a /48'. Admittedly none of their use cases are $1/month VPSs as I've said. RFC6177 revises this a bit, but doesn't go so far as to say 'that was a mistake', but rather 'be a little more prudent if you wish'.

    If a provider is giving different people smaller prefixes from the same /64 they should have their Internet license revoked, otherwise allocate things as you see fit :)

  • Oh noes, not that sh-- again... See link in sig. ;)

    Deliver less than a /60 with a VPS and you're prohibiting many legit uses of this VPS, e.g. as a VPN server (in which case the customer is not the end user and thus should not get a meager /64).

    Thanked by 3tehdan rm_ Clouvider
  • @Shot2 said:
    Deliver less than a /60 with a VPS and you're prohibiting many legit uses of this VPS, e.g. as a VPN server (in which case the customer is not the end user and thus should not get a meager /64).

    Quite - as per RFC3177

    /64 when it is known that one and only one subnet is needed by design

    Which I'd argue you cannot know if you're selling VPSs. That said, if you sell something as coming with a /64 there is some responsibility of the user to know if this is sufficient for their needs.

    Thanked by 2Clouvider Shot2
  • KuJoeKuJoe Member, Host Rep
    edited November 2015

    Shot2 said: Deliver less than a /60 with a VPS and you're prohibiting many legit uses of this VPS, e.g. as a VPN server (in which case the customer is not the end user and thus should not get a meager /64).

    You should read your sig (it says /64, not /60). :P

  • Shot2Shot2 Member
    edited November 2015

    @tehdan said:

    Yep, whenever it's clearly stated everything's fine. Most providers are upfront about what they may/know how to/can't provide. Others deserve kudos for being open to discussion, even though the need for "justification" should not arise. (Hats off to @MeanServers or Vstoike).

    @KuJoe said:

    /64 is a minimal requirement even though it still limits the usability of a server.
    What I have in mind with my sig is companies proudly mentioning "5 (or 16) IPv6 addresses, more upon request". Makes me want to register and request "a few trillions more, pwease" to see what happens when flawed logic reaches the end of its rope. :D

    To quote:
    "Just as all subnets in a network should be /64 [...]"
    "You should only assign a /64 in the corner case where you know for sure that subnetting will never, ever be needed. Homes and small offices do not meet that criterion." etc.

    A Virtual Private Network is one of the many uses for a VPS. The VPN server (VPS) should be able to provide its few clients with a /64 subnet, hence the need for a few /64 at hand, let's say a /60 at least (if 16 devices is enough for the customer's own use) or anything greater (some customers may have a family).

    Thanked by 3rm_ Clouvider ValdikSS
  • KuJoeKuJoe Member, Host Rep

    @Shot2 said:
    A Virtual Private Network is one of the many uses for a VPS. The VPN server (VPS) should be able to provide its few clients with a /64 subnet, hence the need for a few /64 at hand, let's say a /60 at least (if 16 devices is enough for the customer's own use) or anything greater (some customers may have a family).

    I was just joking about the sig but thanks for explaining in detail. That makes sense. :)

Sign In or Register to comment.