09/08/2025 | News release | Distributed by Public on 09/08/2025 06:09
The second in a series of blogs throughout 2025 highlighting the state of IPv6 across the industry, best practices to consider, and how Cisco is helping customers on their journeys with its products and services.
As we discussed in our previous post, IPv6 has finally arrived and is here to stay, with all measurements and data pointing towards an IPv6-dominant future. So, what do public and private sector organizations need to do to prepare for a change that is happening right under our feet? Obviously training and education will be necessary for IT teams, and a full inventory will be needed (which assets and systems are ready now, which can be made ready by a future software update, and which will need to be segmented off and/or refreshed over time). But an often overlooked, yet powerful, piece of the puzzle is the acquisition of IPv6 address space and its proper allocation.
It's no secret that IPv6 has a larger address space, but just how much larger? We have moved from 32 bits to 128 bits, but how do we wrap our heads around that? How does 4.3 billion (4,294,967,296) compare to 340 undecillion (340,282,366,920,938,463,463,374,607,431,768,211,456)? An analogy I like to use is this: if all 4.3 billion IPv4 addresses could fit in 1 inch (2.54 cm), then the IPv6 space would stretch about twice the diameter of the observable universe. (The ratio of the two spaces is 2^96, and 2^96 inches is roughly 2 x 10^27 meters, against an observable universe some 8.8 x 10^26 meters across.) The numbers are literally astronomical! And it means we are freed from the burden of the constrained thinking that IPv4 brought with it.
We previously cared about maximizing the efficiency of our address space, trying to squeeze every last bit out of IPv4 allocation lest anything go to waste. We introduced technologies like VLSM, CIDR, and NAT (combined with RFC 1918 private address space) to extend the life of IPv4. (And it should be acknowledged these worked wonderfully well - buying us not just a couple of years, but a couple of decades). But it's time to abandon this constraint mentality and embrace the freedom that 2^128 provides.
We no longer have to count the number of hosts on our subnets - we will use a /64 prefix for every user-facing subnet. Half of our 128-bit address will represent the prefix (or "subnet" or "network", as these are often used interchangeably), and half will represent the interface identifier (sometimes called a "host ID"). This may seem incredibly wasteful, but it is how the protocol was designed: stateless address autoconfiguration (RFC 4862) assumes a 64-bit interface identifier, and as RFC 7421 highlights, many things start to break if you diverge from the /64 boundary. (The one well-established exception is router-to-router point-to-point links, where RFC 6164 permits a /127; subnets that carry hosts should stay on /64.) So, whether you have 2 nodes or 2 trillion (!) nodes on a single /64 subnet, 99.99+% of the address space on that subnet will go unused. And while shocking to hear at first, it is quite freeing once accepted.
We are no longer obliged to count (or predict) the number of hosts expected to reside on each subnet and to size it accordingly: not so small that the hosts do not fit, but not so large that it ties up addresses that could have been used elsewhere in the network. Now, every subnet is a /64.
So how many of these /64 subnets are needed? Again, throw away the IPv4 mentality of counting total numbers. We can use the plentiful address space to create an IPv6 addressing plan that will look substantially different from your IPv4 one. If you are an organization of any decent size, go to your RIR (Regional Internet Registry) - ARIN, RIPE NCC, APNIC, AFRINIC or LACNIC - and get an IPv6 allocation that is much larger than you think you might need. Depending on the RIR's policy and the justification you provide, allocations between a /32 and a /29 are now common for larger organizations: a /32 contains 2^32 (about 4.3 billion) /64 subnets, and a /29 contains 2^35 (about 34 billion). Even the /48 that end-user organizations typically receive per site holds 65,536 /64 subnets. This is an exciting change from the policies of 10+ years ago!
While it is extremely unlikely that you will use billions of subnets, these large allocations provide the flexibility to start thinking about a hierarchical addressing plan, where each layer in the hierarchy takes on some significance relating to either ownership (campus/branch vs. cloud infrastructure vs. colocation facility), geography, functional/logical place in the network, or plain subnet numbering (which can be mapped 1:1 to VLANs). Furthermore, and very excitingly, each layer can be aligned with one nibble, that is, 4 bits, or one hexadecimal character.
So rather than having an inconsistent mess of subnets, all of different sizes and fragmented across the entire network, we can now achieve consistency and simplicity while also being able to embed semantic meaning in the address itself - great for both troubleshooting and general operations and something that was nearly impossible in IPv4. This should then also lead to cleaner and simpler routing tables and ACLs - a benefit for both your networking and security teams.
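As an added worked example (this is not code from the original post or from Cisco), here is one way to express such a nibble-aligned hierarchical plan in Python and to see the /64 counts from the allocation sizes above. It assumes a /32 allocation and uses the RFC 3849 documentation prefix 2001:db8::/32 in place of a real RIR allocation; the region/site/function/VLAN layout is an invented illustration, not a recommendation. Because every field is a whole number of nibbles, the hierarchy is readable straight off the printed prefix, and each partial set of fields yields the aggregate that routing and ACLs can summarize on.

```python
import ipaddress

# Hypothetical nibble-aligned plan for a /32 allocation. The layout is an illustration for
# this post, not a Cisco or RIR recommendation: the 32 bits between the /32 and the /64 are
# split into whole nibbles so every level is readable as hex digits in the printed prefix:
#   2001:db8:RSSF:VVVV::/64   R = region, SS = site, F = function, VVVV = VLAN/subnet number
PLAN = (
    ("region", 4),    # 1 nibble  -> 16 regions
    ("site", 8),      # 2 nibbles -> 256 sites per region
    ("function", 4),  # 1 nibble  -> 16 roles (users, servers, management, ...)
    ("vlan", 16),     # 4 nibbles -> VLAN/subnet number, shown in hex (VLAN 256 -> 0100)
)
PLAN_BITS = sum(width for _, width in PLAN)  # 32 bits, so a /32 plus the plan lands on /64


def count_64s(prefix_len: int) -> int:
    """Number of /64 subnets inside an allocation of the given prefix length."""
    if not 0 <= prefix_len <= 64:
        raise ValueError("prefix length must be between 0 and 64")
    return 1 << (64 - prefix_len)


def subnet_prefix(allocation: str, **fields: int) -> ipaddress.IPv6Network:
    """Build the /64 for a complete set of plan fields, or the covering aggregate for a
    leading subset (region only -> /36, region+site -> /44, +function -> /48).

    The aggregates are what a router summarizes and what an ACL can match on, which is
    where the 'cleaner routing tables and ACLs' benefit comes from.
    """
    net = ipaddress.IPv6Network(allocation)
    if net.prefixlen + PLAN_BITS != 64:
        raise ValueError(f"this plan needs a /{64 - PLAN_BITS} allocation, got /{net.prefixlen}")
    value, used, consumed = 0, 0, []
    for name, width in PLAN:
        if name not in fields:
            break  # fields must be a leading subset of the plan
        if not 0 <= fields[name] < (1 << width):
            raise ValueError(f"{name}={fields[name]:#x} does not fit in {width} bits")
        value = (value << width) | fields[name]
        used += width
        consumed.append(name)
    stray = set(fields) - set(consumed)
    if stray:
        raise ValueError(f"unknown or out-of-order fields: {sorted(stray)}")
    prefix_len = net.prefixlen + used
    address = int(net.network_address) | (value << (128 - prefix_len))
    return ipaddress.IPv6Network((address, prefix_len))


def decode_prefix(allocation: str, prefix: str) -> dict:
    """Inverse of subnet_prefix for a /64: read the plan fields back out of the address,
    the way an operator does by eye when troubleshooting."""
    net = ipaddress.IPv6Network(allocation)
    sub = ipaddress.IPv6Network(prefix)
    if sub.prefixlen != 64 or not sub.subnet_of(net):
        raise ValueError(f"{prefix} is not a /64 inside {allocation}")
    value = (int(sub.network_address) >> 64) & ((1 << PLAN_BITS) - 1)
    fields = {}
    for name, width in reversed(PLAN):
        fields[name] = value & ((1 << width) - 1)
        value >>= width
    return fields


if __name__ == "__main__":
    for plen in (29, 32, 48):
        print(f"/{plen}: {count_64s(plen):,} /64 subnets")
    alloc = "2001:db8::/32"  # RFC 3849 documentation prefix, standing in for a real allocation
    print(subnet_prefix(alloc, region=1))                                   # 2001:db8:1000::/36
    print(subnet_prefix(alloc, region=1, site=0x2a))                        # 2001:db8:12a0::/44
    print(subnet_prefix(alloc, region=1, site=0x2a, function=3))            # 2001:db8:12a3::/48
    print(subnet_prefix(alloc, region=1, site=0x2a, function=3, vlan=256))  # 2001:db8:12a3:100::/64
    print(decode_prefix(alloc, "2001:db8:12a3:100::/64"))
```

Note that the VLAN number lands in the address in hex, so VLAN 256 prints as the hextet 100; if you would rather see decimal VLAN digits in the address, encode one decimal digit per nibble instead, at the cost of some of the 16-bit range. The out-of-order check matters in practice: a plan only stays readable if nobody assigns a site nibble without its region nibble.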
Use this transition to IPv6 as an opportunity to start fresh and free yourselves from the shackles of IPv4 constraint. Get a large allocation from your RIR and start planning for a better (addressed) future today!