Help:Range blocks/IPv6/ja

範囲ブロックについての主ページ及びIPv4についてはを参照してください. IPv4のようにIPv6の範囲ブロックは$wgBlockCIDRLimitによって制限されていて、既定値では最大で/19のサイズで範囲ブロックが許可されています.

技術的な説明
IPv6アドレスはそれぞれ128ビットの長さです. IPv6 アドレスの各桁は 0 から F (=15) までの 16 種類の値を持つため、各桁は 4 ビット (1 ニブル) の全体値を表し、合計 32 桁となります. IPv4 と同様に、CIDR 表記はビットの共通接頭辞で範囲を記述します. 例えば、2001:db8::/32 は、記述された範囲の最初の 32 ビットに 2 進数の 001000000000010000110110111000 が設定されていることを意味します. また、IPv4 と同様に、MediaWiki は CIDR 表記を使用して IPv6 範囲ブロックを実装しています.

Collateral damage
The best guideline for assessing collateral damage for an IPv6 rangeblock is to check the WHOIS, and the actual amount of activity from the range. MediaWiki supports looking up a range's contributions with Special:Contributions, e.g. Special:Contributions/2001:db8::/32 (note that the latter range will not return any edits).

In assessing collateral damage it is important to understand IPv6 address allocations to end-users. The most important fact to know about is that single or multiple /64 subnets for an end-user connection is a practical requirement of IPv6. What this means is that IPv6 connections will have at least 264 addresses assigned to them, which is around 18 billion billion; sometimes they can have considerably more. The reason IPv6 requires /64 subnetting is that any deviation from this breaks a great number of IPv6 protocols, and it will also be needed for future developments. The only exception to longer than /64 subnetting is for certain connections where many IPv6 features are not needed, for example a /126 subnet for point-to-point inter-router linking. But this is not relevant for IPv6 rangeblocking since no end-users will have addresses of this sort.

So in many ways IPv6 /64 rangeblocks are akin to blocks of single IPv4 addresses, as a /64 subnet is the norm for connections, although sometimes end-user allocations will include multiple /64 subnets. So generally speaking IPv6 /64 rangeblocks are recommended, as blocks of single IPv6 addresses can be easily circumvented by users with minimal technical knowledge, and normally the risk of collateral damage is low. But be aware that like in IPv4, where a single static IPv4 address may supply a household or institution of some kind, a static IPv6 /64 range may also supply a household or institution, so multiple users can be affected by /64 rangeblocks.

An exception to this is mobile broadband access; these IPs are allocated dynamically within certain ranges, and blocking these is unlikely to be successful, as they are easily circumvented and risk collateral damage; this applies to all types of blocks, whether they are IPv4 or IPv6 blocks of single addresses or ranges. Mobile broadband addresses can be checked using a WHOIS service. Note that IPv6 /64 ranges are unlikely to be a dynamic, rather they are likely to be static, and typically won't change for an end-user. This is due to the large number of available IPv6 addresses, meaning dynamic allocation is unnecessary; this lowers the risk of collateral damage.

How to calculate an IPv6 CIDR range
Although similar principles also apply to IPv4, the fact that hexadecimal digits correspond to exactly one nibble (4 bits) each simplifies the calculation somewhat.
 * 1) Find the common prefix – that is, the string of digits shared by all of your addresses.
 * 2) Expand the common prefix completely (including redundant zeros), and multiply the total number of digits by 4 - that's the size of your common prefix.
 * 3) Use the table below, and add the specified number to your prefix size (this is your CIDR suffix, the number of bits common to all addresses in the range). Append the specified digit to the common prefix you found in step 1. Complete the group of four digits with zeros if necessary.
 * 4) The CIDR is then [common prefix (with additional digit as specified by table below, followed by zeros as necessary to keep the group of four digits complete)]/[common prefix length (plus 1,2, or 3 as specified by the table below)].

Prefix modification table
Example: If your prefix is 2001:db8:abcd:: (completely expanded to 2001:0db8:abcd::), and you have addresses like 2001:db8:abcd:9000:abe:: and 2001:db8:abcd:a000::, you'd use the entry saying that the digits after your prefix match 8-b, append 8 to the prefix, and add 2 to your common prefix's size. This would generate 2001:db8:abcd:8000::/50.

Range table
The color-coding is approximate, and there will be overlaps.

Keys

ツール

 * ftools/general/ip-range-calc.html
 * NativeForeigner's IP range calculator
 * IP Subnetting and CIDR Calculator
 * Template:IP range calculator
 * IPv6 Subnet Calculator