How does CSS handle IPv6 addresses?
Back
CSS lists /64 subnets of IPv6 addresses.
- IPv6: CSS lists “/64” or larger CIDR blocks.
- A very large number of spam-emitting IPv6 addresses in different /64 blocks within the same network could cause listings to extend to larger blocks.
- Without such extensions/aggregations, the IPv6 zone size could become unworkably large.
- Various strategies used by spammers to game the system are made much more difficult by the use of aggregated blocks rather than single “/128” IPs.
A “/64” is the industry standard for the smallest IPv6 allocation to individual customers, even for home-uses like cable, DSL or wireless.
- For ISPs which follow standard industry practices, CSS IPv6 listings will only affect a single customer.
- The “/64” choice has RFC4291 as its origin and it is further discussed in RFC6177
- More technical reasons for choosing /64 customer assignments, at minimum, are discussed in a post on Etherealmind.com, on Slash64.net, and in M3AAWG document “Policy Issues for Receiving Email in a World with IPv6 Hosts.”
IPV6 allocation information quoted from the Regional Internet Registries (RIRs) documentation:
- AFRINIC, IPv6 Address Allocation and Assignment Policy | AFPUB-2013-v6-001
6.4.1. Assignment address space size:- “Assignments are to be made using the following guidelines:
- /48 in the general case, except for very large subscribers.
- /64 when it is known that one and only one subnet is needed by design
- /128 when it is absolutely known that one and only one device is connecting.”
- “Assignments are to be made using the following guidelines:
- APNIC, APNIC guidelines for IPv6 allocation and assignment requests
10.1. LIR assignments to end sites:- “An LIR can assign a /64 to /48 to an end site customer network based on their requirements. The following guidelines may be useful:
- /64 where it is known that only one subnet is required.
- /56 for small sites where it is expected only a few subnets will be required within the next two years. Subscribers can receive a /56 when connecting through on-demand or always-on connections such as small office and home office enterprises.
- /48 for larger sites, or if an end site is expected to grow into a large network.”
- “An LIR can assign a /64 to /48 to an end site customer network based on their requirements. The following guidelines may be useful:
- ARIN, Your First IPv6 Request
- Step 2: Determine Your Block Size:
“IPv6 block size is based on the number and size of subnets to be assigned to customers, not on the number of IP addresses required by customers. ISPs will typically assign one subnet (/48 or smaller) to each customer. The default /32 minimum allocation is sufficient for many ISPs since it contains 65,536 /48 subnets to assign to customers. ISPs may also opt to request a smaller /36 allocation.”
- Step 2: Determine Your Block Size:
- LACNIC, IPv6 Address Allocation and Assignment Policies
- 4.5.3.1 – Assignment address space size:
“End sites or users must be assigned a prefix that is a multiple of “n” /64’s which must be enough to meet their current and planned needs, considering existing protocols and future possibilities and thus avoiding possible renumbering scenarios.”- The size of the prefix to be assigned is an operational decision of the LIR/ISP, although the selection of /48s is recommended for simpler and more functional infrastructure for all the endpoints of the network.
- Persistent prefix assignments are recommended to avoid undesired failures.
- Using a /64 prefix for point-to-point with GUAs is recommended.”
- 4.5.3.1 – Assignment address space size:
- RIPE, Best Current Operational Practice for Operators: IPv6 prefix assignment for end-users – persistent vs non-persistent, and what size to choose
- 4.2. Prefix assignment options:
“A single network at a customer site will be a /64. At present, RIR policies permit assignment of a /48 per site, so the possible options when choosing a prefix size to delegate are /48, /52, /56, /60 and /64. However, /64 is not sustainable, it doesn’t allow customer subnetting, and it doesn’t follow IETF recommendations of “at least” multiple /64s per customer. Moreover, future work within the IETF and recommendations from RFC 7934 (section 6) allow the assignment of a /64 to a single interface (https://tools.ietf.org/html/draft-ietf-v6ops-unique-ipv6-prefix-per-host-07).”
- 4.2. Prefix assignment options:
- RIPE, IPv6 Address Allocation and Assignment Policy
- 5.4.1 Assignment address space size:
“End Users are assigned an End Site assignment from their LIR or ISP. The size of the assignment is a local decision for the LIR or ISP to make, using a value of “n” x /64. Section 4.2 of ripe-690 provides guidelines about this.”
- 5.4.1 Assignment address space size:
Customers of providers that assign different customers within the same /64 block should contact their provider’s support, ask for a dedicated /64 assignment, and move mail service to a non-shared /64 range.
NOTE: Linode customers should read this document, then open a ticket to get their own /64.
Back