From owner-freebsd-net@freebsd.org  Fri May 11 16:48:57 2018
Return-Path: <owner-freebsd-net@freebsd.org>
Delivered-To: freebsd-net@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 92600FAA286
 for <freebsd-net@mailman.ysv.freebsd.org>;
 Fri, 11 May 2018 16:48:57 +0000 (UTC)
 (envelope-from matthew@FreeBSD.org)
Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk
 [81.2.117.100])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "smtp.infracaninophile.co.uk",
 Issuer "infracaninophile.co.uk" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 2C69974CA8
 for <freebsd-net@freebsd.org>; Fri, 11 May 2018 16:48:56 +0000 (UTC)
 (envelope-from matthew@FreeBSD.org)
Received: from leaf.local (unknown [88.202.132.43])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 (Authenticated sender: m.seaman@infracaninophile.co.uk)
 by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id D85D78373
 for <freebsd-net@freebsd.org>; Fri, 11 May 2018 16:48:48 +0000 (UTC)
Authentication-Results: smtp.infracaninophile.co.uk;
 dmarc=none (p=none dis=none) header.from=FreeBSD.org
Authentication-Results: smtp.infracaninophile.co.uk/D85D78373; dkim=none;
 dkim-atps=neutral
Subject: Re: pf: Efficiently specifying discontinuous IPv6 ranges
To: freebsd-net@freebsd.org
References: <20180511162809.4b59ef02@almond.int.arc7.info>
From: Matthew Seaman <matthew@FreeBSD.org>
Message-ID: <637016ae-dbe8-8df7-8fa8-692ee0edd949@FreeBSD.org>
Date: Fri, 11 May 2018 17:48:47 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0)
 Gecko/20100101 Thunderbird/52.7.0
MIME-Version: 1.0
In-Reply-To: <20180511162809.4b59ef02@almond.int.arc7.info>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 11 May 2018 16:48:57 -0000

On 11/05/2018 16:28, Mark Raynsford via freebsd-net wrote:
> good_0 = 2a00:1450:400c:: - 2a00:1450:400c::1000
> good_1 = 2a04:4e42:600::200 - 2a04:4e42:600::400
> good_2 = 2001:1900:2254:206a::50:0
> good_3 = 2001:19f0:5:61d:f000::
> good_4 = 2001:4998:58:1836::10

You could also handle this using an address and mask style entry.  For 
instance,

2a00:1450:400c:: - 2a00:1450:400c::1000 should be equivalent to

2a00:1450:400c::/116       (2^12 = 8192 addresses)
plus
2a00:1450:400c::1000/128   (1 address)

and 2a04:4e42:600::200 - 2a04:4e42:600::400 should be equivalent to

2a04:4e42:600::200/119     (2^9 = 512 addresses)
plus
2a04:4e42:600::400/128     (1 address)

assuming a) I've counted the bits correctly and b) you meant your ranges 
to be inclusive of the endpoints.  It would be somewhat neater if the 
range was eg. 2a00:1450:400c:: - 2a00:1450:400c::fff losing that one 
last oddball address.

	Cheers,

	Matthew