What options do I have if ISP is giving /64-prefix only?

As I'm sitting in the same boat as many others. I want to make a list what possibilities a user have if ISP is giving out only a /62 or /64 prefix. :expressionless:

  • Ask your ISP to get a /60 or /56 prefix
  • Split up your /64 LAN after the first 64 bit "by hand" breaking RFC rules.
  • Using NAT/NTPNPT to route traffic between your subnets.
  • Getting an additional prefix from another provider (w/o charge) to hand out IPv6 addresses to your LAN.
  • Get a cheap VPS with a /60 or /56 prefix to provide DHCP to your LAN.
  • NDP relaying

I would like to get more input. What is the "best" option here beside the first? Did I missed an option or are there better options? What providers are recommended for a tunnel? I stumbled here over he.net already. But I have no clue if it's good or not.

Personally, I would go for option 2 and pray to $DEITY that the ISP did not insist on just supplying a /128....

1 Like


It depends how complicated the network is. A single /64 is fine for a simple user with just a lan. The suggested however is from /56 to /48. I am getting /56.

I was using it during the dark ages when IPv6 was not available. Pretty happy with them and I recommend them. Don't forget to take the IPv6 certification they have.


I use linode. $5 a month, but they have plenty of sign up promos so you can get first couple of months free. Use wireguard to tunnel the IPv6 connection and can max out my current connection (350mb/sec).

1 Like

Thx for input so far. :slight_smile:

Overall probably the easiest way to do.

I don't know what NDP is. In starting post I made a mistake. It should have be NPT (Network Prefix Translation) and not NTP (Network Time Protocol). But I don't know if NPT is able to translate between public and private adresses. Maybe I'm wrong and it is not an option?

I have splitted my LAN into IOT/Multimedia stuff, Private/Server stuff and Work/Server stuff. I would not need a huge /56. But a /64 is just a shame. And I would change if I would have options.

I have "modified" my ISP Box what is not an option for the most ppl out here. As I was faced this problem at the beginning I needed several days to get into this shit to understand what's going on. That was my motivation to make such a thread.

I meant NDP relay, all solicitations to be forwarded to the lan and get IPv6 from the prefix of lan interface.
NPT6 is not for this case, you want to do a NAT6 better.

Sometimes the best solution is to talk to your ISP. If they don't hear you, ask around what other options you have.


See https://de.wikipedia.org/wiki/Neighbor_Discovery_Protocol/https://en.wikipedia.org/wiki/Neighbor_Discovery_Protocol

1 Like

Sub-splitting a /64 further is not really an option, as this isn't compatible with SLAAC (android can only do SLAAC).


For e. g. basically if I activate "ndp relay" on every cascaded router for wan and lan side. The prefix is delegated to any client within the network?

So the (easy) solution could look like this:

config dhcp wan
    option dhcpv6 relay
    option ra relay
    option ndp relay
    option master 1
config dhcp lan
    option dhcpv6 relay
    option ra relay
    option ndp relay

adopted from here: https://openwrt.org/docs/guide-user/network/ipv6/start

That's bad. Isn't SLAAC using NDP protocol to work properly? Maybe NDP is the "best" solution. Sorry for this "noob" questions I don't have deep knowledge about IPv6 right now.

Prefix is not delegated, as you don't have any prefixes to delegate.
Think about it like dhcp relay, where the dhcp server is not in the same broadcast domain as the clients.

NDP is fundamental for the operation of IPv6 as a whole. It handles the router and neighbor solicitations and advertisements, as well as redirects.

1 Like

Thx for input and help! Topic is finished I think. So ppl. have a starting point for this problematic.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.