Posts by litchralee_v6@ipv6.social
(DIR) Post #AbNMrxoGmngcKdXvZw by litchralee_v6@ipv6.social
2023-11-01T20:34:15Z
0 likes, 0 repeats
From a different thread about sunsetting temporary solutions, are there any RFCs or guidance about transitioning dual-stack applications to #IPv6 only? For example, I have a small existing website which I've provisioned for dual-stack using #NAT64. But in preparation for when I want to deprecate Legacy IP and/or NAT64, what sort of sunset behavior should my web server return for Legacy IP clients?I like the idea of an HTTP error code, maybe 501, 510, or maybe even 426 Upgrade Needed. Thoughts?
(DIR) Post #AbQH0WMuAJ41ZzK7ii by litchralee_v6@ipv6.social
2023-11-03T00:08:32Z
0 likes, 1 repeats
@flup If your ISP does not currently give you a public-routable IPv4 address -- ie they're using CGNAT -- then enabling #IPv6 avoids issues when the CGNAT's address is blocked/rate-limited by a website because someone else on your ISP was being naughty.IPv6 lets you do peer-to-peer and port-forwarding in the way the Internet was originally envisioned: with end to end connectivity.Finally, some IoT devices need IPv6, and may announce IPv6 if not found, causing weird issues (see Apple TV).
(DIR) Post #AbR2muKz31q3fD01Ee by litchralee_v6@ipv6.social
2023-11-03T16:37:34Z
0 likes, 1 repeats
This is a pretty good -- albeit 10 yrs old -- explainer on #IPv6 addressing, intended for the network admin who is unfamiliar with modern IP and is looking for a single document to read from cover to cover, with intent to roll out in an existing network.https://www.ripe.net/support/training/material/basic-ipv6-training-course/basicipv6-addressing-plan-howto.pdf
(DIR) Post #AbbzE1BFS3Jrcyg0dU by litchralee_v6@ipv6.social
2023-11-07T18:51:46Z
0 likes, 0 repeats
@Oskar456 @tore Very nice! I've done something similar for a #k8s cluster that needed #NAT64 translation for its containers. One thing I did have to add was filtering within the namespace, since Jool was unexpectedly translating RFC1918 addresses when using the well-known prefix.It was unclear to me why Jool was doing that, but all was easily fixed with some reject rules for each of the rfc1918 address subnets.
(DIR) Post #AbcANQbfO0GyaTitkG by litchralee_v6@ipv6.social
2023-11-09T01:25:43Z
0 likes, 0 repeats
@tschaefer @Oskar456 @tore What I had in mind was the restriction from RFC6053 section 3.1, where the well known prefix is supposed to reject non-global legacy IP addresses.I suppose it's not a big issue if Android's CLAT tries to initiate traffic with such a destination, but the #NAT64 gateway is supposed to decline to translate that destination within the well known prefix, if I understand the RFC correctly.
(DIR) Post #AbuMHzdgAxB5QsZcAq by litchralee_v6@ipv6.social
2023-11-17T20:03:13Z
0 likes, 0 repeats
@tschaefer @quux Everything described in this fantasy/short story is plausible and desirable for our world. The one part I would object to is that after achieving victory, IPv6 should not be showered with glory forever, but instead fade into the background as a critical and wholly uncontroversial utility, just as running water and cellular networks have. That will be the full accomplishment, finally displacint legacy IP.Of course, victory is still a long way away.
(DIR) Post #AdPyMCzMdrAz957o00 by litchralee_v6@ipv6.social
2024-01-01T23:58:40Z
0 likes, 0 repeats
@tschaefer Just... wow. This document is staggering in how it belies logic and history."If IPv4 capacity could be expanded without the CG-NAT limitations, such as size, speed and outgoing-only, the urgency due to address shortage will be relaxed long enough for the IPv6 to mature on its own pace"This is nothing less than "the beatings will continue until morale improves" in its backwards ideas. And adding *more* routers to keep legacy IP alive?? Dear me, that's misguided + tried and failed.
(DIR) Post #AlPm5fPKBAyFAp1SKG by litchralee_v6@ipv6.social
2024-08-28T02:00:36Z
0 likes, 0 repeats
@projectgus Often when it comes to privacy, people speak of tradeoffs. As in, what's being gained and what's being lost. With Legacy IP (whether rotating or CGNAT), the proposition is a nebulous gain of non-correlated addresses. But the guaranteed loss is: no end-to-end connectivity, necessity of STUN/TURN, breakage of p2p, and difficulty/impossibility of hosting game servers.#IPv6 avoids all those problems and is the modern protocol. Non-correlatability isn't worth giving those features up.
(DIR) Post #AlPm5hWqICAlkiYUK0 by litchralee_v6@ipv6.social
2024-08-28T02:04:37Z
0 likes, 0 repeats
@projectgus I'll also note that if you really want to cycle a stable #IPv6 prefix, you can try manipulating your router's WAN MAC address. That often convinces DHCPv6-PD to assign a different prefix, based on the idea that the former MAC still has the lease for the prior prefix.This isn't guaranteed to work, but seeing how prevalent the opposite scenario is (an ISP cycling the prefix too frequently), your ISP seems to be one of the nicer ones in its stability.
(DIR) Post #AoLVIjWsGXyIhFg7k0 by litchralee_v6@ipv6.social
2024-11-23T20:47:25Z
0 likes, 0 repeats
@kmj @goetz @lucasmz I can understand a need to pass DHCP options -- except DNS, since RDNSS exists now -- but the security aspect would suggest already having the ability to monitor unexpected L2 traffic, such as for uninvited devices. But in that case, that same capability would also be sufficient to discover SLAAC self-assigned addresses, even when privacy extensions are enabled. SDN does exactly this, coupled with per-user VLANs, but that's a bit much.Are you sure DHCPv6 is indicated here?