You must log in or # to comment.
bro just add another octet to the end of ipv4. That goes from 4 billion to a trillion and will most definitely outlast modern electronics and capitalism
I hope nat burns in hell when ipv6 will become standard
Any day now brother
It’s the year of the ipv6 server
mind explaining? All 8 know about Nat is that it sometimes didn’t let me play rainbow six siege
Having multiple hosts under one address for all hosts is annoying. Port forwarding is annoying. Some isps have their own nat and want you to pay additionally for public ip address
I know it’s a joke, but the idea that NAT has any business existing makes me angry. It’s a hack that causes real headaches for network admins and protocol design. The effects are mostly hidden from end users because those two groups have twisted things in knots to make sure end users don’t notice too much. The Internet is more centralized and controlled because of it.
No, it is not a security feature. That’s a laughable claim that shows you shouldn’t be allowed near a firewall.
Fortunately, Google reports that IPv6 adoption is close to cracking 50%.
You are right, but I wish ipv6 was less shitty of a replacement.
There is something there, but mostly I think existing net admins try to map their existing IPv4 knowledge onto IPv6. That doesn’t work very well. It needs to be treated as its own thing.
Nah. You’re just too stupid to understand the internet is designed to be used with DNS. The people who design these protocols and operate the networks that form the internet have no issues with DNS and don’t care that you don’t understand.
Funny how I never once criticized, or even mentioned, IPv6s complexity, yet that is the aspect you chose to so valiantly defend. Quite telling, isn’t it?
My isp and router both claim to have IPv6 but every test site has failed.
Fine, I won’t invite you to our bi-annual TURN server appreciation event.
We use NAT all the time in industrial settings. Makes it so you can have select devices communicate with the plant level network, while keeping everything else common so that downtime is reduced when equipment inevitably fails.
That’s nothing that can’t be done with a good set of firewalls on IPv6.
This is equipment that uses all statically addressed devices. And ignoring the fact that IPv6 is simply unsupported on most of them, there are duplicate machines that share programs. Regardless of IP version you need NAT anyway if you want to be able to reach each of the duplicates from the plant network.
Also for home network I don’t won’t my IOT to have a real IP to the Internet. Using IPv4 NAT you can have a bit of safety by obscurity
I don’t won’t my IOT to have a real IP to the Internet
Why not? What’s the difference to them having a nat ipv4?
Its unlikely someone with guess your ipv6 of your iot.
No, but it’s far easier to explain how to configure your home network such that 182.168.1.* is for your regular devices like laptops, etc. and 192.168.2.* is for your IoT devices. Then block all access from 192.168.2.* to the internet so your IoT devices can’t “phone home”, can’t auto-update without your knowledge, can’t end up as part of a botnet, etc.
That’s the thing, you are still thinking in ipv4 terms, and that’s ok. It’s a different way to think of things using ipv6 and the proper way to configure them. No worries tho. Not like you are being forced to ipv6 for internal home networks.
Ok, so what would the equivalent be?
Create a new /64 and don’t give it a route to the internet.
The reason IPv6 was originally added to the DOCSIS specs, over 20 years ago, is because Comcast literally exhausted all RFC1918 addresses on their modem management networks.
My favourite feature of IPv6 is networks, and hosts therein, can have multiple prefixes and addresses as a core function. I use it to expose local functions on only ULA addresses, but provide locked down public access when and where needed. Access separation is handled at the IP stack, with IPv4 it’s expected to be handled by a firewall or equivalent.
My favorite feature of IPv6 is that there are so many addresses available. Every single IPv4 address right now could have its own entire IPv4 range of addresses in IPv6. It’s mind-boggling huge.
They kept talking it was because address exaustion, and IANA sold all the remaining blocks they had…
I tested it at the time. Ran nmap ping scan across a block all night with zero results. IANA sold the internet
I understand some of these words!
Skill issue
IPv6 is easy to do.
2000::/3 is the internet range
fc00::/7 is the private network range (for non routing v6)
fe80::/64 is link local (like apipa but it never changes)
::1/128 is loopback
/64 is the smallest network allocation, and you still have 64 bits left for devices.
You don’t need NAT when you can just do firewalling - default drop new connections on inbound wan and allow established, related on outbound wan like any IPv4 firewall does.
Use DHCPv6 and Prefix Delegation (DHCPv6-PD) to get your subnets and addresses (ask for a /60 on the wan to get 16 subnets).
Hook up to your printer using ipv6 link local address - that address never changes on its own, and now you don’t have to play the static ip game to connect to it after changing your router or net config.
The real holdup is ISPs getting ultra cheap routers that use stupid network allocation systems (AT&T) that are incompat with the elegant simplicity of prefix delegation and dhcp.
deleted by creator
Every atom of the universe should have its own ip.
For targeted location-based ads of course! Lots of revenue there
I see your satirical IPv6 meme and raise you the highest quality IPv6 evangelism you’ll ever see.
I use IPv6 every day and everywhere I can. It solves so many issues in large corporate and ISP network setups. And yes 10. Wasn’t big enough, and NATing is a PitA.
Honestly we just keep pushing it off when it’s not that bad. Workaround after workaround just because people are lazy.
I agree with everything you said but it still doesn’t make me hate ipv6 less.
How much slack did you have in your 10.* network? Or was it literally 16.7 million devices?
Having the breathing room is great.
You have two teams that independently set up private networks but now someone has to talk to them both?
In IPv4, they likely stepped on the same private subnets. In ipv6, they pretty much certainly did not step in the same ULA prefixes. My VPN setup is a mess of a maze to deal with the fact that most things I connect to are all independently allocated 10. subnets, with the IPv6 focused customer being easiest.
Also, if you want to embed information in your addressing, like vlan I’d or room information.
Besides, you can have addresses like fd37:5f1a:b4c1::feed:face, and that’s fun isn’t it?
16M devices on one network would almost certainly have major scalability problems all its own. SMB chattiness alone . . . shudder.
Just my perspective as a controls (SCADA engineer):
I work for a large power company. We have close to 100 sites, each with hundreds of IP devices, and have never had a problem with ipv4. Especially when im out in the field I love being able to check IPs, calculate gateways, etc at a glance. Ipv6 is just completely freaking unreadable.
I see the value of outward-facing ipv6 devices (i.e. devices on the internet), considering we are out of ipv4s. But I don’t see why we have to convert private networks to ipv6. Put more bluntly: at least industry, it just isn’t gonna happen for decades (if it ever does). Unless you need more IPs it’s just worse to work with. And there’s a huge amount of inertia- got one singular device that doesn’t talk ipv6 at a given generation site? What are you supposed to do?
90% of industrial devices are still 100 Mbit/s.
I mean that’s of the ethenet capable ones… a huge chunk are still serial
And the rest are pure analog
I’m a protective relay settings engineer at a contractor for lots of power companies. I’m dipping my toes into my first substation automation project. Getting to design the device native files, IPs, and other networking parts from the drawings package of site and device manuals. It’s all SEL equipment with a gateway at the top and local powerWAN, RTAC, annunciators, and relays below. I live thousands of miles from the site, so local testing would be challenging but probably have to fly or something lol. I have been doing some research on how to emulate this is a lab setting when all you have is the RTAC and some relays. Is this something SCADA engineers have to do sometimes? Like if you need to test a scheme when you can’t build it physically first?
Is this IPv5?
Fun fact: IP version 5 is actually reserved for the Internet Streaming Protocol.
I’m surprised by the comments here. I use 90% IPv6. For me v4 is only present for retro compatibility. The transition was hard however.
I love the flat earther energy in this
CGNATs suck ass though, I had to buy a vps just to access my own network outside my home.
Yeah, had the same issue with my ISP, but at least they switched me back to ipv4 after a support call. Didn’t want to pay extra for the privilege of not being reachable from the outside anymore.
I’ve recently changed isp and am now hitting CGNAT problems. I have been running Nextcloudpi for years and now I can’t access it from outside. I’ve trying to understand if I can fix the problem using IPv6 but from what you’ve said I’m now wondering if a vps is the solution?
My ISP doesn’t properly support IPV6, otherwise it should work. I use wireguard to route just my server traffic to the vps.
I deal with cgnat on my 2 isps at home. Install tailscale on your vps and your router at home and then on your router you can share subnet devices over your tailscale network. Install a reverse proxy on your vps.
If set up correctly you can route a human readable web address (jellyfin.example.com) to your vps static ip address and then to, for example, a docker container with local address 192.168.100.1:8096, via reverse proxy.
I have never started using ipv6 so I’m in the clear here
