[candiddevmike]

No control over which source address is used. I'm assigning a lot of clients DHCP reservations so I can use static addresses for monitoring and firewall rules. With multiple addresses on the same network, clients may use their SLAAC address which won't match the firewall rule.

[db48x]

That still doesn’t really make sense. Why not run SLAAC on one subnet and have a single firewall rule for the whole thing? You’re not running any major servers on an Android phone, so it won’t be anything complex.

[tsimionescu]

SLAAC can only run on a subnet that's larger than /64, which they might not have access to.

[db48x]

Strictly speaking it can and does run on subnets that are exactly /64. Does anyone actually hand out smaller delegations today?

[tsimionescu]

My point is that they might only be getting 1 /64 from their ISP; or getting a /62 or something small, and needing more subnets anyway. In these situations, you may not have an extra /64 to dedicate to SLAAC for certain devices.

[db48x]

Right. I was merely correcting your statement that SLAAC needs more than 64 bits to work with. But my question remains; do any ISPs hand out smaller delegations than a /64?

[justincormack]

There are APIs in Linux to control source address selection but might be fiddly https://www.davidc.net/networking/ipv6-source-address-select...

[franklyworks]

Ah, this makes sense.