alt Hacker NewsIPv6 is very difficult to implement and enforce reliable rate limits on anonymous traffic. This is something we've struggled a lot with - there is no consistent implementation or standard when it comes to assigning of IPv6 addresses. sometimes a machine gets a full /64, other times a whole data center uses a full /64. So then we need to try and build knowledge of what level to block based on which IP range and for some it's just not worth the hassle.
Replies
Tuna-Fish • today at 11:47 AM
... But that's no different from IPv4. Sometimes you have one per user, sometimes there are ~1000 users per IP.
Most of the ipv4 world is now behind CGNAT, one user per ip is simply a wrong assumption.
Well, even if there was a standard, that's still not a guarantee that the other side of the /64 would be following it. It's correct for you to rate-limit the whole /64.