IPv6 Configuration

[bartjsmit]

Or the only solution is to ask for more than /64 for my ISP ?

It really depends how much it matters to you. You could live quite happily without IPv6, at least until some must-have new service is only available on it. Possible candidates would be in emerging economies or IoT space.

Talk to your ISP regardless, so they are aware that they're not meeting their customer needs perfectly. If they have competition, weigh up the costs and benefits of switching.

At least with OPNsense, you don't have the hassle of changing all your internal networks to fit a new router.

Bart...

[Greelan]

Frankly, if your ISP is only handing out a /64 prefix, they are short-changing you and not implementing IPv6 properly for their customers. My ISP gives me a /56, and is soon to switch that to a /48.

[lilsense]

Wow, the discussion has been very rich so far.

I think I'm still lost at this moment. Is there anything I can/should do ? Or the only solution is to ask for more than /64 for my ISP ?

Thanks

Once you have a /64, you can create a /80 or /96 for your internal network set up your DHCP and block your router to directly connecting to the internal network. This works just fine since your router is responsible to forward traffic.

OR
   to calm everyone down here... you can use ULA Fc00:: address for your internal network as well.

https://datatracker.ietf.org/doc/html/rfc4193

[Greelan]

Not sure that using ULAs will help unless NAT is also implemented, which undermines the whole philosophy of IPv6. Without NAT, how do clients reach the internet? And BTW, as the RFC makes clear, don’t use fc00::/8 for ULAs, as it is reserved. Only use fd00::/8.

Bottom line, any “solution” with only a /64 prefix will be a hack. See the top answer here for a nice description of several of those hacks.

Edit: I noticed that the comments in the link above reference RFC7421, which explains the origins of the 64 bit specification for interface identifiers and the effects of not following that specification.