On Thu, 2010-02-25 at 15:55 -0800, mattmcadoo at mattmcadoo dot com wrote:
> I have a /64 block of IPv6 addresses from my ISP and am having a hell of a
> time to get it working.  For the sake of example, my block is
> 2001:aaaa:bbbb:cccc::/64 and the gateway is 2001:aaaa:bbbb:cccc::1 (all
> the info that was given by my ISP)

Unless I'm terribly confused (and I could be, I'm a v6 beginner, though
I do have my network up and v6 connected), you can't actually subnet
a /64.  The first 64 bits are a network prefix, and the last 64 bits are
the host portion, typically populated using the MAC of the interface.

If you want subnets, you need a /64 for the firewall, and then a routed
subnet (/48 is 'standard', but some places allocate /56's or even /60's)
for the LAN.

Brett.