We don't talk about IPv5
-
If you set up your DNS correctly then you don't even need the IPs. Just give devices unique, human-readable names and maybe do separate sub-domains for each site or something.
For that to work industrial devices have to support DNS in the first place…
-
For that to work industrial devices have to support DNS in the first place…
Oh, now that you mention it I've never tried to map a static DNS entry to a device without DNS. Welp, time to get thousands of raspberry pi's to act as IP KVMs!
-
I've recently changed isp and am now hitting CGNAT problems. I have been running Nextcloudpi for years and now I can't access it from outside.
I've trying to understand if I can fix the problem using IPv6 but from what you've said I'm now wondering if a vps is the solution?I deal with cgnat on my 2 isps at home. Install tailscale on your vps and your router at home and then on your router you can share subnet devices over your tailscale network. Install a reverse proxy on your vps.
If set up correctly you can route a human readable web address (jellyfin.example.com) to your vps static ip address and then to, for example, a docker container with local address 192.168.100.1:8096, via reverse proxy.
-
This post did not contain any content.
Meh, the idea of having every address be globally routable makes a lot of sense. NAT is a great bandaid but it's still a bandaid. It still limits how peer to peer and multicast applications function, especially on larger networks.
-
That's nothing that can't be done with a good set of firewalls on IPv6.
The one thing you can't do with IPv6 is yell the address across the room to the technician plugged into the switch trying to ping the node.
-
it's not a browser extension, its a SLAAC thing https://www.internetsociety.org/resources/deploy360/2014/privacy-extensions-for-ipv6-slaac.
TL;DR is that SLAAC used to use part of your device MAC to form it's IP, which would be trackable/fingerprintable. Now devices just pick the last 48-bits at complete random on the assumption that no other device is going to have that specific address out of the 4 quintilion available addresses.
edit the RFC https://datatracker.ietf.org/doc/html/rfc4941
Thanks, might have to try that sometime.
-
This post did not contain any content.
An ipv6 address turns my brains thinking center off. Short circuit at how fucking stupid it looks.
-
This post did not contain any content.
The reason IPv6 was originally added to the DOCSIS specs, over 20 years ago, is because Comcast literally exhausted all RFC1918 addresses on their modem management networks.
My favourite feature of IPv6 is networks, and hosts therein, can have multiple prefixes and addresses as a core function. I use it to expose local functions on only ULA addresses, but provide locked down public access when and where needed. Access separation is handled at the IP stack, with IPv4 it’s expected to be handled by a firewall or equivalent.
-
Meh, the idea of having every address be globally routable makes a lot of sense. NAT is a great bandaid but it's still a bandaid. It still limits how peer to peer and multicast applications function, especially on larger networks.
wrote on last edited by [email protected]NAT444 is shit. I can't even host a web server without routing it through a VPN, and my ISP can't work out how to provide an IPv6 addresses yet. Give it to me and I will work out how to use it.
Slight update - Just looked and apparently they had a goal of rolling out IPv6 addresses to all customers by earlier this year. I'll check my router config tomorrow and who knows. Maybe I will be able to get one now? Would be pretty sweet.
-
The reason IPv6 was originally added to the DOCSIS specs, over 20 years ago, is because Comcast literally exhausted all RFC1918 addresses on their modem management networks.
My favourite feature of IPv6 is networks, and hosts therein, can have multiple prefixes and addresses as a core function. I use it to expose local functions on only ULA addresses, but provide locked down public access when and where needed. Access separation is handled at the IP stack, with IPv4 it’s expected to be handled by a firewall or equivalent.
I understand some of these words!
-
I think NAT is one reason why the internet is so centralized. If everyone had a static IP you could do all sorts of decentralized cool stuff.
Which is why IPv6 was created. Everything used to get a public routable IP. Large company’s such as ATT and IBM got a whole /8 to themselves. NAT made it so we did not run out of IP’s in the 2000’s
-
This post did not contain any content.
Hi I have no idea what I’m doing when it comes to networking. I have ipv6 off on my home network because I was scared of accidentally exposing things outside of my home network. I’m using Ubiquiti. Can someone give me/link me a crash course on how to setup ipv6 without introducing any security holes into my network? Maybe also a crash course in firewalls.
-
I wrote and ipv6 parser once.
Never again.
As in a regex or ..?
An ipv4 parser would also be sorta difficult.
you have to account for the fact that all the octets can be added to decimal: http://2130706433 (valid 127.0.0.1)
or the fact that octets can be in different formats: http://0x7F.0x0.0x0.0x1 (127.0.0.1)
or the fact that you can mix octet formats: http://0xC0.0250.0.1 (192.168.0.1)
-
This post did not contain any content.
Is this IPv5?
-
The reason IPv6 was originally added to the DOCSIS specs, over 20 years ago, is because Comcast literally exhausted all RFC1918 addresses on their modem management networks.
My favourite feature of IPv6 is networks, and hosts therein, can have multiple prefixes and addresses as a core function. I use it to expose local functions on only ULA addresses, but provide locked down public access when and where needed. Access separation is handled at the IP stack, with IPv4 it’s expected to be handled by a firewall or equivalent.
My favorite feature of IPv6 is that there are so many addresses available. Every single IPv4 address right now could have its own entire IPv4 range of addresses in IPv6. It's mind-boggling huge.
-
This post did not contain any content.
I love the flat earther energy in this
-
As in a regex or ..?
An ipv4 parser would also be sorta difficult.
you have to account for the fact that all the octets can be added to decimal: http://2130706433 (valid 127.0.0.1)
or the fact that octets can be in different formats: http://0x7F.0x0.0x0.0x1 (127.0.0.1)
or the fact that you can mix octet formats: http://0xC0.0250.0.1 (192.168.0.1)
Yeah a mix of regex and heuristics to validate before parsing
It was a long time ago now
It also had to parse ipv4 because they can be embedded (IIRC) and the different octet formats
-
This post did not contain any content.
Surely we can do better. Why not IPv10? That's 4 higher than 6!
-
Is this IPv5?
Fun fact: IP version 5 is actually reserved for the Internet Streaming Protocol.
-
My favorite thing to use IPv6 for is to use the privacy extension to get around IP blocks on YouTube when using alternative front ends. Blocked by Google on my laptop? No problem, let me just get another one of my 4,722,366,482,869,645,213,696 IP addresses.
I have a separate subnet which is IPv6 only and rotates through IP addresses every hour or so just for Indivious, Freetube and PipePipe.
This is exactly why ipv6 was never widely adopted. There's too much power in a limited IP pool.
