The interface itself should only have (as any other interface) a /64.
(Really, the only exception is to use a /127 on a point-to-point link, but you still can get good arguments why it might be a not-so-good idea, and why you should just use a /64 for each and every link. The address space is large enough to support this / such an allocation or addressing model.)
A delegated prefix or a prefix in general should be larger of course, so a router is able to assign each interface (i.e. a VLAN) a dedicated /64.
(In my experience, people say subnet when they reference a link where a /64 is present, and prefix when they refer to the whole network, like a /56 or /48, or /32.)
Yes, they have to be different.
Normally the prefix on the WAN interface is part of a prefix the provider uses for customer links, and a delegated prefix which can be used by the customer on its LAN comes from another network.
The ISP must be able to route your traffic. The routing table looks like "customer prefix via customer WAN prefix", but without a "known" address on the WAN interface, the ISP could not route the traffic to the delegated prefix to you, because it would not know where to route it.
Even on "business" internet uplinks, or uplinks you get in a data center: The provider uses addresses out of his prefix, and tells you upfront how to configure your WAN interface(s). And either they set a static route for your prefix, or you speak BGP with the provider and you announce your own prefix to them. But still, your prefix is routed via the address on the WAN interface if you look at the routing table.
/*
Quick example:
The ISP has 2001:db8::/32. It will use 2001:db8::/34 for its own services and infrastructure. Then 2001:0db8:4000::/34 will be used for dial-up customers, 2001:0db8:8000::/34 for business customers, ...
So your WAN interface would be within 2001:0db8::/34, "but" your LAN would be within 2001:0db8:4000::/34.
My personal theory why people get confused is because IPv4 has clouded their minds. Based on the sparse address space, and that we have known since the early 90s that we do not have enough (IPv4) addresses, mankind has invented IPv4 NAT and people have seen global addresses only on the WAN interface of their router, and the private IP space got translated when routing to the Internet was done.
*/
Again, each interface should have a /64. Otherwise SLAAC will not work. (A prefix pool which can be used for prefix delegation is a totally different topic.)
(The config option ip6assign maybe is a little bit kind of special.)
Yes and no. You can build an IPv6 network without GUA addresses on each interface, but only, and only if you have at least one GUA address on the router, which can be used by all other interfaces.
The loopback interface is one such. If you use, for instance, OSPF(v3) and BGP you can advertise the GUA from loopback within the OSPF area, and BGP makes this address available in the (larger) BGP network.
But for a "standard" network topology it is always easier to have a large enough prefix for each customer, and each interface (and subnet) on the local side gets its own (GUA) subnet (/64).
The internet, IPv4, and IPv6 are built with a unique global address space in mind, and more importantly with the ability that each and every device can communicate with each and every device directly, without translation or anything.
If you want your devices/clients on a link to participate on the Internet, you have to assign a GUA prefix to this interface anyway. Even if you configure this prefix only for RA and DHCPv6 (and the router does not have an address out of that prefix on its interface), the subnet gets allocated and assigned (on that link). Yes you can do NAT or other translation but this shit just breaks (without any need) the end-to-end philosophy of this computer network. So please don't!
And just to repeat it: The WAN side of a customer gets a /64 from a "customer-prefix", while the usable /56 or /48 comes from another prefix from the ISP.
My ISP thankfully does it this way:
WAN 2003:e4:bfff:13e7:xxxx:xxxx:xxxx:xxxx/64
DP 2003:e4:bf09:xx00::/56
What OpenWrt provides / is able to do and is IMHO correct about it: I.e. it uses DHCPv6 on WAN to get an address on WAN, then uses DHCPv6-PD to request a prefix, and if it got one, it can dynamically assign a subnet out of that prefix to each interface.
How the user splits the network is of course its own problem, but I see no issues here what should be wrong/faulty...
(Side note: On a business/enterprise network, where you got a (static) assignment from your ISP, you configure each and every subnet out of your /48 or /32 statically or have some form of automation but in the end each and every allocation of a router/switch interface is hardcoded/statically configured.)
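
The addressing model described in this post, as an added example that is not part of the original post: it checks that the WAN /64 and the delegated prefix come from different ISP pools, derives the ISP-side route, and gives each interface its own /64. The function names, the WAN address and the /56 are constructed for illustration from the documentation prefix used in the quick example.

```python
import ipaddress

# Constructed sample data in the documentation prefix, following the post's
# quick example: the /32 is cut into /34 pools with different purposes.
ISP = ipaddress.ip_network("2001:db8::/32")
POOLS = dict(zip(["infrastructure", "dialup", "business"],
                 ISP.subnets(new_prefix=34)))
WAN_ADDR = ipaddress.ip_interface("2001:db8:0:13e7::2/64")   # constructed
DELEGATED = ipaddress.ip_network("2001:db8:4009:1200::/56")  # constructed


def pool_of(net):
    """Return the name of the ISP pool that contains net, or None."""
    for name, pool in POOLS.items():
        if net.subnet_of(pool):
            return name
    return None


def check_wan_and_delegated(wan, delegated):
    """The WAN link is a /64 and must not overlap the delegated prefix."""
    if wan.network.prefixlen != 64:
        raise ValueError("WAN link should be a /64")
    if wan.network.overlaps(delegated):
        raise ValueError("WAN link and delegated prefix must be different")
    # ISP-side route: delegated prefix via the customer's WAN address.
    return (delegated, wan.ip)


def assign_subnets(delegated, interfaces):
    """Give every interface its own /64 out of the delegated prefix."""
    if delegated.prefixlen > 64:
        raise ValueError("delegated prefix is longer than /64")
    if len(interfaces) > 2 ** (64 - delegated.prefixlen):
        raise ValueError("not enough /64 subnets for all interfaces")
    return dict(zip(interfaces, delegated.subnets(new_prefix=64)))


if __name__ == "__main__":
    prefix, next_hop = check_wan_and_delegated(WAN_ADDR, DELEGATED)
    print(f"ISP route: {prefix} via {next_hop}")
    print("WAN pool:", pool_of(WAN_ADDR.network), "/ LAN pool:", pool_of(DELEGATED))
    for name, net in assign_subnets(DELEGATED, ["lan", "guest", "iot"]).items():
        print(f"{name:6} {net}")
```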