From: Tim Starling Date: Fri, 8 Jun 2012 02:26:05 +0000 (+1000) Subject: Increase maximum IPv6 range block size to /19 X-Git-Tag: 1.31.0-rc.0~23351^2 X-Git-Url: http://git.cyclocoop.org/data/%24self?a=commitdiff_plain;h=dd1053bc49b6798e52ed4c352ee5444834c7f8f4;p=lhc%2Fweb%2Fwiklou.git Increase maximum IPv6 range block size to /19 Increased maximum IPv6 range block size from /32 to /19 and documented my decision-making process. Many ISPs will be larger than /32 since /32 only allows for 64k sites at most. Change-Id: Ia25e156fd8234519c4d74f1d41d93f94a313ce14 --- diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 0a3d4adead..508add4be8 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -3459,12 +3459,19 @@ $wgSysopEmailBans = true; * Limits on the possible sizes of range blocks. * * CIDR notation is hard to understand, it's easy to mistakenly assume that a - * /1 is a small range and a /31 is a large range. Setting this to half the - * number of bits avoids such errors for IPv4. + * /1 is a small range and a /31 is a large range. For IPv4, setting a limit of + * half the number of bits avoids such errors, and allows entire ISPs to be + * blocked using a small number of range blocks. + * + * For IPv6, RFC 3177 recommends that a /48 be allocated to every residential + * customer, so range blocks larger than /64 (half the number of bits) will + * plainly be required. RFC 4692 implies that a very large ISP may be + * allocated a /19 if a generous HD-Ratio of 0.8 is used, so we will use that + * as our limit. As of 2012, blocking the whole world would require a /4 range. */ $wgBlockCIDRLimit = array( 'IPv4' => 16, # Blocks larger than a /16 (64k addresses) will not be allowed - 'IPv6' => 32, # Blocks larger than a /32 (~7.9x10^28 addresses) will not be allowed + 'IPv6' => 19, ); /**