By convention, each device on the LAN under IPv6 gets a /64 subnet, right? That's an obscene number of addresses per device! Why not make the addresses shorter, say, 72 bits, then each device would get 256 addresses in its subnet, which would save several bytes per packet during transmission (which is a Good Thing). Why the need for such insanely long addresses?
2 Answers
> By convention, each device on the LAN under IPv6 gets a /64 subnet, right?
No. Each network is almost always a /64 network. Each host still gets one or more addresses on the network, but I don't know of any OS that will handle more than a few dozen addresses for an interface on a LAN.
> Why the need for such insanely long addresses?
That is so that we don't get in the same position as we are with IPv4. IPv4 ran out of addresses a long time ago, but it was extended by breaking the IP end-to-end premise with kludges like NAT. IPv6 has enough addresses that we should not get into the same position for the foreseeable future, and it restores the IP foundation of end-to-end connectivity because each device can have a unique IP address.
In addition to the other answer, I would direct people who don't understand how IPv6 addresses get assigned to homes/small businesses, etc. to read this: https://www.rfc-editor.org/rfc/rfc6177
I also thought of another benefit of having /64 site subnets: it makes port scanning impossible given just the network prefix. With IPv4, port scanning is a serious problem, as we saw with worms like Mirai etc. (UPnP). With IPv6, your probability of guessing a private address (the 64-bit suffix) is 2^(-64), i.e. 0 (if they're using randomly generated addresses, which they would be if they care about this kind of security). Shorter addresses, like 64+48 (minimum to identify from MAC), would only give 48 bits of protection for random guessing, really 48-3*8 because there are only a few OSI values.
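The following is an added example, not part of either answer: a small audit script that classifies the 64-bit interface ID of addresses on your own network and shows how much guessing space each kind actually leaves. The function names, the 16-bit "low-byte" cutoff and the 1M probes/s rate are assumptions for illustration; the 24-bit figure for MAC-derived addresses is the answer's own 48-3*8 estimate, and the sample addresses are constructed.

```python
import ipaddress

SECONDS_PER_YEAR = 365 * 24 * 3600

def classify_iid(addr):
    """Return (kind, guess_bits, mac) for the low 64 bits (interface ID) of addr."""
    iid = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    b = iid.to_bytes(8, "big")
    if b[3:5] == b"\xff\xfe":
        # Modified EUI-64: the MAC is split around ff:fe with the U/L bit flipped,
        # so the address discloses the MAC. 24 bits = 48 - 3*8, the answer's
        # estimate once the vendor prefix is known.
        mac = bytes([b[0] ^ 0x02, b[1], b[2], b[5], b[6], b[7]])
        return "eui64", 24, mac.hex(":")
    if iid >> 16 == 0:
        # Manually numbered hosts such as ::1 or ::53 (16-bit cutoff is an assumption).
        return "low-byte", 16, None
    # Anything else is treated as random; at best this leaves the full 64 bits.
    return "random-looking", 64, None

def sweep_years(bits, probes_per_second):
    """Time to try every value of a `bits`-wide space at a fixed probe rate."""
    return (2 ** bits) / probes_per_second / SECONDS_PER_YEAR

# Constructed sample inventory (2001:db8::/32 is the documentation prefix).
SAMPLE = [
    "2001:db8:0:1:211:22ff:fe33:4455",
    "2001:db8:0:1::1",
    "2001:db8:0:1:8d3c:51a7:e2f0:94b6",
]

if __name__ == "__main__":
    for a in SAMPLE:
        kind, bits, mac = classify_iid(a)
        secs = sweep_years(bits, 1_000_000) * SECONDS_PER_YEAR
        print(f"{a:40} {kind:15} ~{bits} bits  {secs:.3g} s at 1M probes/s  mac={mac}")
```

Hosts reported as `eui64` or `low-byte` do not get the 2^(-64) protection described above, so they are the ones to move to randomized interface IDs or to protect with filtering.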