We don't talk about IPv5
-
Oh, now that you mention it I've never tried to map a static DNS entry to a device without DNS. Welp, time to get thousands of raspberry pi's to act as IP KVMs!
That would imply en existence of display/usb outputs…
We’re essentially talking a bunch of embedded devices talking to each other. You can give them all the dns entries you want, but if they (or the programming environment) don’t support DNS lookup you might as well put your dns server in excel.
-
not sure if you're aware thats a real thing https://www.ipv10.net/
>Forbidden
>You don't have permission to access this resource.
Awesome.
-
I worked with one of the inventors of IPv6 for a bit of time, and I think knowing Carl really gave me an insight into who IPv6 was invented for, and that's the big, big, big networks — peering groups that connect large swaths of the Internet with other nations' municipal or public infrastructure.
These groups are pushing petabytes of data every hour, and as a result, I think it makes their strategists think VERY big picture. From what I've seen, IPv6 addresses very real logistical problems you only see with IPv4 when you're already dealing with it on a galactic scale. So, I personally have no doubt that IPv6 is necessary and that the theory is sound.
However, this fuckin' half-in/half-out state has become the engine of a manifold of security issues, primarily bc nobody but nerds or industry specialists knows that much about it yet. That has led to rushed, busy, or just plain lazy devs and engineers to either keep IPv6 sockets listening, unguarded, or to just block them outright and redirect traffic to IPv4 anyway.
Imo there's not much to be done besides go forward with IPv6. It's there, it's tested, it's basically ready for primetime in terms of NIC chip support... I just wish it weren't so obtuse to learn.
However, this fuckin’ half-in/half-out state has become the engine of a manifold of security issues, primarily bc nobody but nerds or industry specialists knows that much about it yet. That has led to rushed, busy, or just plain lazy devs and engineers to either keep IPv6 sockets listening, unguarded, or to just block them outright and redirect traffic to IPv4 anyway.
Its kind of interesting to me how conservative the IT industry is with stuff like this.
The industry loves to say "move fast and break things" or "innovate and disrupt", but that generally only applies to things that can be shat out in a two week long Python project (or shat out in 2 weeks after publicly funded universities spent years figuring out the algorithm for you). For anything foundational, like CPU architecture, operating systems, or the basic assumptions about how UI should work, they're terrified of change.
-
you could assign every square meter of the planet an ip and use it for location, and still have addresses left over
wrote on last edited by [email protected]Oh it’s way more than that!
After looking up some numbers, I note we could give every single square MILLIMETER on the planet its own entire IPv4 address space.
…And then every one of those IPv4 addresses could have its own entire copy of the IPv4 address space!
…And that would just be a drop in the bucket compared with IPv6! One good comparison I’ve seen is that you could assign an address to every atom on the surface of the earth (but not inside it) and have enough left over for 100+ more earths.
Rough math for the square millimeters:
The surface area of the earth is roughly 510 trillion square millimeters. Let’s round that up to a quadrillion or 10^15^.
The number of IPv6 addresses is 2^128^ or 3.4x10^38^. To be conservative again, let’s just round that down to 10^38^.
10^38^ / 10^15^ = 10^23^ IPv6 addresses per square mm of earth.
IPv4 address space is 2^32^ or around 4 billion. let’s round up to 10 billion or 10^10^.
So then 10^23^ / 10^10^ = 10^13^ IPv6 addresses per IPv4 address per square mm of earth.
10^13^ / 10^10^ =
1,000 IPv6 addresses
per IPv4 address
per IPv4 address
per square mm of earth.
And that was with the conservative estimates along the way. I think it would actually be tens of thousands.
-
I hope nat burns in hell when ipv6 will become standard
Any day now brother
-
NAT444 is shit. I can't even host a web server without routing it through a VPN, and my ISP can't work out how to provide an IPv6 addresses yet. Give it to me and I will work out how to use it.
Slight update - Just looked and apparently they had a goal of rolling out IPv6 addresses to all customers by earlier this year. I'll check my router config tomorrow and who knows. Maybe I will be able to get one now? Would be pretty sweet.
I am sorry to interrupt, my ISP gave me an ipv6 address, but I just can't access anything through it even when I specify it in the firewall, maybe they are blocking this functionality because they sell static ips.
-
Wait until we have IPv8, that‘s gonna byte us in the ass for real
wrote on last edited by [email protected]Every atom of the universe should have its own ip.
-
This is exactly why ipv6 was never widely adopted. There's too much power in a limited IP pool.
Define "widely".
According to Google 46.09% of their traffic is IPv6 and most servers support it. It's mostly large ISPs dragging their feet.
-
you could assign every square meter of the planet an ip and use it for location, and still have addresses left over
wrote on last edited by [email protected]square centimeter is the one I heard
-
I know it's a joke, but the idea that NAT has any business existing makes me angry. It's a hack that causes real headaches for network admins and protocol design. The effects are mostly hidden from end users because those two groups have twisted things in knots to make sure end users don't notice too much. The Internet is more centralized and controlled because of it.
No, it is not a security feature. That's a laughable claim that shows you shouldn't be allowed near a firewall.
Fortunately, Google reports that IPv6 adoption is close to cracking 50%.
Ipv6 took awhile for me to understand. One of the biggest hurdles was how is it secure without NAT.
-
Hi I have no idea what I’m doing when it comes to networking. I have ipv6 off on my home network because I was scared of accidentally exposing things outside of my home network. I’m using Ubiquiti. Can someone give me/link me a crash course on how to setup ipv6 without introducing any security holes into my network? Maybe also a crash course in firewalls.
Don't worry Ubiquiti has ipv6 issues. You have an excuse.
-
Every atom of the universe should have its own ip.
For targeted location-based ads of course! Lots of revenue there
-
It’s vulnerable af. And I mean really, it’s as bad as Netscalers or Fortigate shit. Like https://www.bleepingcomputer.com/news/security/hackers-abuse-ipv6-networking-feature-to-hijack-software-updates/ or https://www.bleepingcomputer.com/news/security/hackers-abuse-ipv6-networking-feature-to-hijack-software-updates/
Problem is, yes it’s hard to implement but it’s even a lot harder to get it properly secured. Especially because few people are using it, and not securing it is worse than disabling it.
Don't see how that is anymore vulnerable then up 4.
-
It has less eyes on it due to it being less popular. It also introduces an extra vector of attack.
It does not have less eyes on and it's 50% of Google traffic.
-
An ipv6 address turns my brains thinking center off. Short circuit at how fucking stupid it looks.
No different the 10.A4.b2.12
-
I see your satirical IPv6 meme and raise you the highest quality IPv6 evangelism you'll ever see.
That was beautiful
-
My favorite thing to use IPv6 for is to use the privacy extension to get around IP blocks on YouTube when using alternative front ends. Blocked by Google on my laptop? No problem, let me just get another one of my 4,722,366,482,869,645,213,696 IP addresses.
I have a separate subnet which is IPv6 only and rotates through IP addresses every hour or so just for Indivious, Freetube and PipePipe.
What is stoping Google from just blocking your entire IP-Block?
-
Just my perspective as a controls (SCADA engineer):
I work for a large power company. We have close to 100 sites, each with hundreds of IP devices, and have never had a problem with ipv4. Especially when im out in the field I love being able to check IPs, calculate gateways, etc at a glance. Ipv6 is just completely freaking unreadable.
I see the value of outward-facing ipv6 devices (i.e. devices on the internet), considering we are out of ipv4s. But I don't see why we have to convert private networks to ipv6. Put more bluntly: at least industry, it just isn't gonna happen for decades (if it ever does). Unless you need more IPs it's just worse to work with. And there's a huge amount of inertia- got one singular device that doesn't talk ipv6 at a given generation site? What are you supposed to do?
wrote on last edited by [email protected]I’m a protective relay settings engineer at a contractor for lots of power companies. I’m dipping my toes into my first substation automation project. Getting to design the device native files, IPs, and other networking parts from the drawings package of site and device manuals. It’s all SEL equipment with a gateway at the top and local powerWAN, RTAC, annunciators, and relays below. I live thousands of miles from the site, so local testing would be challenging but probably have to fly or something lol. I have been doing some research on how to emulate this is a lab setting when all you have is the RTAC and some relays. Is this something SCADA engineers have to do sometimes? Like if you need to test a scheme when you can’t build it physically first?
-
>Forbidden
>You don't have permission to access this resource.
Awesome.
Obviously. You can only access it in IPv10.
-
I hope nat burns in hell when ipv6 will become standard
mind explaining? All 8 know about Nat is that it sometimes didn't let me play rainbow six siege
