Hello everyone! I do not post very often, but I have been in the WISP biz for many years, attended numerous MUM events, and using ROS since 2002. My company just received our first IPv6 assignment, a /48 block, and it blows my mind with how many actual addresses are in this block. We could have done well with a single /64 for probably the rest of my life, and unlike the rest of the planet, I refuse to waste addresses like that. So what I want to do, is subnet a /64 four our use. Subnetting a /48 into /58s gives 1024 subnets, all of which have 64 /64s. Each IPv6 /64 Subnet contains 18,446,744,073,709,551,616 IPv6 addresses… A /119 contains 199 addresses, perfect for any AP, and for customer use. Dividing up a /64 gives 36,028,797,018,963,970 of the /119 subnets, absolutely more than we will ever, use. What is everyone else doing with their IPv6 blocks? Can a Mikrotik CPE hand out IPv4 on the client LAN, have a NAT rule, but run IPv6 on the WAN out to the net?
Using a subnet prefix length other than a /64 will break many features of IPv6, including Neighbor Discovery (ND), Secure Neighbor Discovery (SEND) [RFC3971], privacy extensions [RFC4941], parts of Mobile IPv6 [RFC4866], Protocol Independent Multicast - Sparse Mode (PIM-SM) with Embedded-RP [RFC3956], and Site Multihoming by IPv6 Intermediation (SHIM6) [SHIM6], among others. A number of other features currently in development, or being proposed, also rely on /64 subnet prefixes.
While you are more then welcome to divide your /48 any way you please, I suspect that your customers would appreciate it if IPv6 works out-of-the-box for all their devices. Handing out a /119 per customer will ensure that you need to configure the CPE you provide in a very specific way to get basic IPv6 connectivity working.
Address translation in a Mikrotik router between IPv4 <> IPv6 is not supported (as it’s not supported by the Linux kernel/firewall that drives RouterOS.) To accomplish this you would have to setup an IPv4 <> IPv6 gateway. You could tunnel IPv4 traffic over an IPv6 link but without a global IPv4 address on the CPE, you would need to run some form of NAT. With all the development going on on the Carrier-grade NAT side, specifically in the Dual-Stack Lite area, you’re better off implementing a solution based on that technology then inventing your own. Dual-Stack Lite for instance does what you describe, hand out IPv4 on the LAN side while the WAN side has only IPv6 connectivity. It does require a NAT solution in the operator’s network that sets up the IPv4 connections on behalf of the customer’s device. Given that IPv6 adoption is still rather limited, this solution would need to process the bulk of the network traffic for all IPv6 only customers, making it a costly endeavor compared to handing out IPv4 addresses.