I have not had a deal with this, but if I was going to, I would start at the /64 and move up by...

throw0101d • today at 12:11 PM • 1 reply • view on HN

I have not had a deal with this, but if I was going to, I would start at the /64 and move up by nibble (4-bit) boundaries: /64, /60, /56, /52, /48.

/56 is often recommended as the minimum as for a (residential) customer. /48 is considered a "site" address prefix, and is the smallest allocation that can be advertised in BGP:

* https://blog.apnic.net/2020/06/01/why-is-a-48-the-recommende...

* https://www.infoblox.com/blog/ipv6-coe/a-48-for-every-site-a...

You get 65k subnets with it, which is what you get with 10/8.

Replies

roryirvine • today at 3:29 PM

Yes, /64 is a reasonable starting point for blocking outright, but /48 is the right unit for scoring reputation.

alt Hacker News

Replies