I suggest you ...

Give users IPv6 /64 blocks when you roll out IPv6

As you guys are testing IPv6 in the Singapore region, I highly recommend you give users a /64 each when IPv6 rolls out. This is proper practice, and gives users more flexibility in terms of address selection.

366 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    D. StroutD. Strout shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    50 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...
      • Fashion NetFashion Net commented  ·   ·  Flag as inappropriate

        Please offer your clients a full /64 IPv6 block like Linode does.

        The reason this is important is that an Open VPN server not set up with IPv6 will leak the IPv6 location of the internet provider, thus defeating one of the reasons for using a VPN in the first place.

      • Luis MuñozLuis Muñoz commented  ·   ·  Flag as inappropriate

        Assigning less than a /64 to each host (Droplet from my perspective) introduces additional difficulty for a number of tasks and in my case, blocks most use cases involving SMTP email.

        Lack of IPv6-capable SMTP driven my use case back to Amazon EC2. I hope you can consider allowing at least /64 allocations and unblocking SMTP over IPv6.

      • Ryan KaiserRyan Kaiser commented  ·   ·  Flag as inappropriate

        Increase the size of routed IPv6 prefix to /64. If that is too big on a per-droplet basis, consider doing it on a per-account basis; or limit to one routed /64 block per data center. The current /124 block is essentially useless to me.

      • Ryan KaiserRyan Kaiser commented  ·   ·  Flag as inappropriate

        Increase the size of routed IPv6 prefixes to /64. If that is too big on a per-droplet basis, consider doing it on a per-account basis; or limit to one routed /64 block per data center. The current /124 block is essentially useless to me.

      • Thomas HabetsThomas Habets commented  ·   ·  Flag as inappropriate

        /64? What? No, /48 to /56 is the standard. Just check wikipedia for one, and check every ISP.

        I get many /64 subnets for my stupid BT home broadband.

      • Paul WilliamsPaul Williams commented  ·   ·  Flag as inappropriate

        Echoing the other comments.../64 per droplet and /48 or /56 per account please. The current setup breaks the spec and makes it difficult to utilize IPv6 on DO for a number of scenarios (Docker, OpenVPN, etc.).

      • ThomasThomas commented  ·   ·  Flag as inappropriate

        Also I would love to just get a /48 per account, it makes Firewall and IPsec rules so much simpler than having ~100 firewall rules for each droplet, which would bring it down to one firewall rule.

      • Troy KellyTroy Kelly commented  ·   ·  Flag as inappropriate

        After many, many years as a Digital Ocean customer - we too are closing our account.
        Ignoring RFC and best practice because you (Moisey) have unilaterally decided that you know best is embarrassing.

      • Christian KratzerChristian Kratzer commented  ·   ·  Flag as inappropriate

        As there as been no response on this for over 6 months I am cancelling all my DO accounts today. Port blocks and no dedicated /64 are a show stopper for me.

      • Chris WeylChris Weyl commented  ·   ·  Flag as inappropriate

        Being so restrictive with ipv6 addresses doesn't make sense to me. For one, it's so unusual that I'm sure there's a ton of work going on behind the scenes to enforce this -- labor that wouldn't be necessary if DO just gave out /64's properly.

        Also, according to ARIN[1], it's likely the *minimum* allocation they'd give DO is a /32. That means DO would have 2^32 /64's to assign -- that is:

        DO has, at a minimum, over 4 billion /64 networks.

        ...and could easily get more, if, you know, about 75% (still over 3 billion) were allocated.

        If each droplet were given their own /64, that's still a *heck* of a lot of droplets.

        If each customer were given a /56 and allowed to carve it up as they chose, DO would have almost 17 million /56's to hand out.

        IPv6 addresses are *not* constrained by any measure.

        ...except artificially.

        Oh well, guess I'll be checking out AWS' recently announced support for ipv6 in certain regions of EC2... :(

        [1] https://www.arin.net/resources/request.html

      • Jeremy TribbyJeremy Tribby commented  ·   ·  Flag as inappropriate

        Unbelievable. /64 is RFC. This isn't a political decision. DigitalOcean is intentionally going against spec for no reason.

      • Craig McQueenCraig McQueen commented  ·   ·  Flag as inappropriate

        I'm surprised this is still in the "gathering feedback" state. It seems the common consensus is:

        * Droplets should be allocated at minimum a /64, since that is the intent of IPv6 design.
        * Some want an account allocated a /56, which can have /64 allocated per droplet.
        * Some want to be able to pay for additional blocks to be routed to droplets (such as myself, for OpenVPN for example).

        It seems crazy for IPv6 to be so limited for a VPS, when my home ISP is allocating a static /56 per residential DSL customer!

      • Holger SchinzelHolger Schinzel commented  ·   ·  Flag as inappropriate

        Same story here: Found out today that SMTP traffic via IPv6 is blocked due to users sharing the same /64 block. It was suggested to me that i should disable IPv6 lookups via /etc/gai.conf-file - which is basically like saying "Please disable IPv6".

        I suggested that assigning /128 or /80 subnets to droplets is against IPv6 design best practice and was referred to the developer forum (here!) [1] just to find out that this request is pending since > 2 years without ANY feedback from DO on timeline and priorities.

        Sorry DO, your IPv6 support is a shill. Get yourself sorted out and finally do it right. [2]

        [1] "As we're experiencing extreme growth, our engineering team is working as quickly as possible on a variety of known issues as well as feature requests. We are excited to hear feedback from you on how we can improve our service. To submit feature requests and suggestions, please visit our developer's forum where you can add, discuss, and vote on features:"

        [2] http://etherealmind.com/allocating-64-wasteful-ipv6-not

      • AviAvi commented  ·   ·  Flag as inappropriate

        I'll quote Justin's comment: "It is against the IPv6 standard to allocate anything smaller than a /64 per subnet. Doing so breaks a lot of the fundamental assumptions that IPv6 relies on to operate properly."

        You got this so wrong DO. See http://etherealmind.com/allocating-64-wasteful-ipv6-not
        It's a brain dead idea to offer 16 hosts, and frankly the first time I've questioned the quality of your service.

      ← Previous 1 3

      Feedback and Knowledge Base