Summary: Please give me (and everyone else) a /56 for every VM.
I see you have 2604:a880::/32. You could hand out 2^24 /56 networks from that. If you need more then ARIN/RIPE will give you more, because that's what IPv6 is designed for.
IPv6 is great because it allows new ways of doing things. It's not just "more addresses so I don't need NAT".
Example: I can do a 1:1 mapping between my home /64 and a remote /64, and do stateless bidirectional address translation between them.
That is, I can have a server at home on A:B:C:D::123, and on my DigitalOcean server set up a bidirectional mapping between:
A:B:C:D::/60 E:F:G::/60
Then my server is reachable via both A:B:C:D::123 and E:F:G::123.
Also my DigitalOcean server becomes a "local" A:B:C:9::2222 server via a similar mapping.
This is great for controlling egress policies and many other things. But I can't do this with DigitalOcean so I have to do the disgusting IPv6-NAT instead.
Please help me remove IPv6-NAT.
See RIPE recommendations:
https://www.ripe.net/publications/docs/ripe-690#4-2-1---48-for-everybody
Quote: "It is strongly discouraged to assign prefixes longer than /56 unless there are very strong and unsolvable technical reasons for doing this."
A /124 is absolutely ridiculous in the space of IPv6. That's simply not what IPv6 was designed for. Some people use /124 networks for point-to-point links between backbone routers, but because it breaks SLAAC it's strongly discouraged.
I just verified this and yeah, it's nuts!
Attachments Open full size