dstiles - 7:38 pm on Jan 16, 2013 (gmt 0)
I think there are more "broadband" ISP ranges than server ranges. Admittedly many are /11 or greater but there are also a lot of very small ones, as Lucy suggests. A mitigation would be to select only those ranges assigned to a specific set of countries but that would not be helpful to those web websites that attract legitimate traffic from, eg, RU, UA, CN, IN etc etc.
I would also point out that a LOT of "broadband" IPs I block are run by botnets: there are a lot of very careless (mostly windows) users out there whose machines are compromised, often massively so. A lot of the mobile devices are also easily compromised, especially android. These IPs are responsible for scrape and injection attacks.
In the scope of "business" ranges, I have blocked several sub-ranges (and sometimes full ranges) which are used by scraping and mining businesses.
Also see my current thread hereabouts re: synapse, which seem to be coming in (at least mostly) on "broadband" IPs.
As to ipv6 - I'm holding off on converting to that for as long as possible.