On 24 Dec 2011, at 6:32, Glen Kent wrote:

> I am trying to understand why standards say that "using a subnet
> prefix length other than a /64 will break many features of IPv6,
> including Neighbor Discovery (ND), Secure Neighbor Discovery (SEND)
> [RFC3971], .. " [reference RFC 5375]

For stateless autoconfig the issue is that it uses 64-bit "interface 
identifiers" (~ MAC addresses) that are supposed to be globally unique. You 
can't shave off bits and remain globally unique.

With SEND a cryptographic hash that can be used to determine address ownership 
is stored in the interface identifier. Here shaving off addresses reduces 
security.

Also somehow the rule that all normal address space must use 64-bit interface 
identifiers found its way into the specs for no reason that I have ever been 
able to uncover. On the other hand there's also the rule that IPv6 is classless 
and therefore routing on any prefix length must be supported, although for some 
implementations forwarding based on > /64 is somewhat less efficient.

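An added example, not part of the original message: how the two kinds of 64-bit interface identifier mentioned above are built, per RFC 4291 Appendix A (modified EUI-64 from a MAC) and RFC 3972 (CGA Hash1, used by SEND), and how many hash bits remain if the identifier is shortened. The MAC, modifier, key bytes and the 2001:db8::/64 prefix are constructed sample values, and `hash_bits` assumes a hypothetical truncation that keeps the Sec and u/g bits, which RFC 3972 does not define.

```python
import hashlib
import ipaddress

def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 IID (RFC 4291 App. A): flip the u bit, insert ff:fe."""
    m = bytes.fromhex(mac.replace(":", ""))
    if len(m) != 6:
        raise ValueError("expected a 48-bit MAC")
    return bytes([m[0] ^ 0x02]) + m[1:3] + b"\xff\xfe" + m[3:]

def cga_iid(modifier: bytes, prefix: bytes, pubkey: bytes,
            sec: int = 0, collisions: int = 0) -> bytes:
    """CGA IID (RFC 3972): leftmost 64 bits of SHA-1 over the CGA parameters,
    with the 3 leftmost bits replaced by Sec and the u/g bits cleared."""
    if len(modifier) != 16 or len(prefix) != 8 or not 0 <= sec <= 7:
        raise ValueError("modifier is 16 bytes, prefix 8 bytes, Sec 0..7")
    hash1 = hashlib.sha1(modifier + prefix + bytes([collisions]) + pubkey).digest()[:8]
    # 0x1c keeps bits 3..5 of the first byte; Sec goes in bits 0..2.
    return bytes([(hash1[0] & 0x1C) | (sec << 5)]) + hash1[1:]

def hash_bits(iid_len: int) -> int:
    """Hash bits left in an IID of iid_len bits after Sec (3) and u/g (2).
    Lengths other than 64 are hypothetical; RFC 3972 defines only 64."""
    return max(iid_len - 5, 0)

def address(prefix: bytes, iid: bytes) -> str:
    """Join an 8-byte subnet prefix and an 8-byte IID into a printable address."""
    return str(ipaddress.IPv6Address(prefix + iid))

# Constructed sample values (documentation prefix, made-up modifier and key).
PREFIX = bytes.fromhex("20010db800000000")
MODIFIER = bytes(range(16))
PUBKEY = b"constructed placeholder, not a real DER-encoded key"

if __name__ == "__main__":
    print("SLAAC:", address(PREFIX, eui64_iid("00:11:22:33:44:55")))
    # Sec=0 only: Sec>0 also needs the RFC 3972 modifier search (Hash2), not done here.
    print("CGA:  ", address(PREFIX, cga_iid(MODIFIER, PREFIX, PUBKEY)))
    for plen in (64, 80, 96, 112):
        n = hash_bits(128 - plen)
        print(f"/{plen}: {n} hash bits, work factor about 2^{n} to match an address")
```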