[quote="moeller0, post:6, topic:132554]
So as an unsolicited comment, it might be time to allow eating a few bits into the interface identifier IID (the last 64 bits of an IPv6 address) to allow "clandestine" subnetting in cases when the ISP flagrantly restricts users to a /64....
After all 64 bits for IID are clearly overkill for most networks (that is it seems likely that 56 or 48 bits should be enough as well for SLAAC and friends*
)... however that is going to be even further from the IETF's recommendations for IPv6 roll-out than an ISP stingily handing out a /64 only...[/quote]
Please, Please, Please, read about the history and why IPv6 works as it works.
Yes, you can "split" an /64
but then you loose i.e. SLAAC
. The only exception EVERYONE has settled on are Point-to-Point Links and using /127
, and /
128(for router IDs). And the reason a
/64is a
/64is not to be able to have
2^64` on a single link layer.
If an ISP hands out only a single /64
then they should read the documentaion of their RIR, like RIPE or ARIN. The RIRs hands out enough space that a single customer should get at least a /56
, a business customer at least a /48
. If an ISP fails to provide proper service then the customer should complain and switch provider (if possible).
[quote="moeller0, post:6, topic:132554]
*
) This is a bit annoying, in theory one might work around that by using DHCPd v6 to assign IPv6 addresses, but that is going to run into issues:
a) android devices only supporting SLAAC or rather not supporting DHCPv6
b) IPv6 privacy extensions assuming an 64 bit IID, IIRC (but one does not need to use privacy extensions)*
c) prefix delegation likely not working with bits carved out of the IID space...
**
) It is not that for most intents and purposes the prefix alone is not already a strong enough identifier for tracking, and it seems actually less revealing to assign simple consequent IIDs manually, like ${PREFIX}::1, ${PREFIX}::2 instead of leaking potentially globally unique SLAAC addresses as IIDs, but this are off the cuff remarks, s likely I am missing some important reasons why that will not work.
Yes, its annoying that Android refuses to implement DHCPv6, but: Via SLAAC the phone gets an IP, and via SLAAC the phone gets DNS information.
Also the default since years on Android is that for a new WLAN connection a random mac-address is chooses to prevent tracking a user over different networks. And as my personal opinion: Do you realize that we as a society have a far bigger privacy problem then internet numbers?! Every news site has a bunch of trackers and advertisement; your local police is able to track your phone through the mobile cells; we have cameras everywhere; most people going cash-free, but still people shit their pants because of SLAAC addresses; EVEN that more or less every network manager have privacy extensions enabled, or choose random mac addresses. And your IPv6 lease and prefixes are just as "stable" as your IPv4 address. And in any case, your ISP needs to hand out your user data anyway to local law enforcement. So what is the issue?
But back to topic:
For prefix delegation to work, the network needs a /64
for the uplink, and a dedicated network larger then /64
which can then be delegated to downstream interfaces.