Using IPv6 with prefixes shorter than a /64 on a LAN

Owen DeLong owen at delong.com
Wed Jan 26 05:24:38 UTC 2011


> ...

> 
> What did that just do to your per-site /64? That you have
> no hope of ever seeing a user use up? It just turned
> that /64 into a /112 (16 bits of port space, 32 bits
> of cloud identifier space.) What's the next killer app
> that'll chew up more of your IPv6 space?
> 
Dude... You missed... It's not supposed to be a /64 per site.
The plan is a /48 per site. Yes, you managed to use one of
the subnets up pretty well... ON A SINGLE SUBNET.

Now, what do you do for the other 65,535 of them at the
one site?

> I'm all for IPv6. And I'm all for avoiding conjecture
> and getting to the task at hand. But simply assuming
> that the IPv6 address space will forever remain that -
> only unique host identifiers - I think is disingenious
> at best. :-)
> 
Well.. There's assuming (like your assumption that a /64
per site was the original plan) and then there's doing
the math.

Even with the utilization you've mentioned above, my
math still holds.

Owen

> 
> 
> Adrian
> 
> On Tue, Jan 25, 2011, Owen DeLong wrote:
> 
>> I love this term... "repetitively sweeping a targets /64".
>> 
>> Seriously? Repetitively sweeping a /64? Let's do the math...
>> 
>> 2^64 = 18,446,744,073,709,551,616 IP addresses.
>> 
>> Let's assume that few networks would not be DOS'd by a 1,000 PPS
>> storm coming in so that's a reasonable cap on our scan rate.
>> 
>> That means sweeping a /64 takes 18,446,744,073,709,551 sec.
>> (rounded down).
>> 
>> There are 86,400 seconds per day.
>> 
>> 18,446,744,073,709,551 / 86,400 = 213,503,982,334 days.
>> 
>> Rounding a year down to 365 days, that's 584,942,417
>> years to sweep the /64 once.
>> 
>> If we increase our scan rate to 1,000,000 packets
>> per second, it still takes us 584,942 years to sweep
>> a /64.
>> 
>> I don't know about you, but I do not expect to live long
>> enough to sweep a /64, let alone do so repetitively.
>> 
>> Owen
> 
> -- 
> - Xenion - http://www.xenion.com.au/ - VPS Hosting - Commercial Squid Support -
> - $24/pm+GST entry-level VPSes w/ capped bandwidth charges available in WA -





More information about the NANOG mailing list