My favorite thing to use IPv6 for is to use the privacy extension to get around IP blocks on YouTube when using alternative front ends. Blocked by Google on my laptop? No problem, let me just get another one of my 4,722,366,482,869,645,213,696 IP addresses.
I have a separate subnet which is IPv6 only and rotates through IP addresses every hour or so just for Invidious, Freetube and PipePipe.
What is stopping Google from just blocking your entire IP-Block?
Mostly, I’m not big enough to trigger anything there.
Also, since ISPs usually only get a single humongous IPv6 block, it’s actually pretty hard to know what is okay to block. Somebody might be on a /48, /56 or /64 network but they might also just have a single IPv6 address. Since you’re blocking quintillions of IP addresses with each /64 net, the risk of hitting innocent IPs is high.
Also also, I’m not sure if Google is actually prepared for such a case. Since all the requests coming from Invidious just seem like legit unauthenticated requests, it’s hard to flag them on IPv6 when the IPs are fully randomized.
Still, Google is moving towards requiring a login for everything. So I assume that method won’t work for much longer.
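Added example, not part of the thread: a Python sketch of the prefix-granularity problem raised in the comment above, seen from the side of a service operator keying per-client request counters. The sample addresses (documentation ranges), the limit, and the function names are constructed for illustration.

```python
import ipaddress
from collections import Counter

# Constructed sample: (client address, request path). 2001:db8::/32 and
# 198.51.100.0/24 are documentation ranges; nothing here is from the thread.
SAMPLE_REQUESTS = [
    ("2001:db8:aa:1:3c1f:9a02:77de:0b11", "/watch"),  # same /64, rotating
    ("2001:db8:aa:1:e4b0:11c7:5a90:c2d3", "/watch"),  # interface IDs
    ("2001:db8:aa:1:09af:d3e1:8842:1f6a", "/watch"),
    ("2001:db8:aa:1:b7c2:40fe:6d15:93a8", "/watch"),
    ("2001:db8:bb:7:0211:22ff:fe33:4455", "/watch"),  # unrelated /64
    ("2001:db8:bb:8:0211:22ff:fe33:4456", "/watch"),  # unrelated /64
    ("198.51.100.23", "/watch"),
    ("198.51.100.23", "/watch"),
]

def bucket(addr: str, v6_prefix: int = 64) -> str:
    """Map a client address to the key a rate limiter counts against."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped  # ::ffff:a.b.c.d is really an IPv4 client
    if ip.version == 4:
        return str(ip)  # IPv4: one address, one bucket
    # IPv6: drop the host bits so rotating addresses share one bucket
    return str(ipaddress.IPv6Network((ip, v6_prefix), strict=False))

def count_by_bucket(requests, v6_prefix: int = 64) -> Counter:
    """Requests per bucket at the chosen IPv6 aggregation length."""
    return Counter(bucket(addr, v6_prefix) for addr, _ in requests)

def over_limit(requests, limit: int, v6_prefix: int = 64) -> list:
    """Buckets whose request count exceeds the limit, sorted."""
    counts = count_by_bucket(requests, v6_prefix)
    return sorted(key for key, n in counts.items() if n > limit)

if __name__ == "__main__":
    for prefix in (128, 64, 56):
        print(prefix, dict(count_by_bucket(SAMPLE_REQUESTS, prefix)))
```

Counting per /128 never sees the rotating client, counting per /64 does, and widening to /56 starts merging the two unrelated /64 networks into one bucket, which is the collateral-damage risk the comment describes.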
Skill issue
IPv6 is easy to do.
2000::/3 is the internet range
fc00::/7 is the private network range (for non routing v6)
fe80::/64 is link local (like apipa but it never changes)
::1/128 is loopback
/64 is the smallest network allocation, and you still have 64 bits left for devices.
You don’t need NAT when you can just do firewalling - default drop new connections on inbound wan and allow established, related on outbound wan like any IPv4 firewall does.
Use DHCPv6 and Prefix Delegation (DHCPv6-PD) to get your subnets and addresses (ask for a /60 on the wan to get 16 subnets).
Hook up to your printer using ipv6 link local address - that address never changes on its own, and now you don’t have to play the static ip game to connect to it after changing your router or net config.
The real holdup is ISPs getting ultra cheap routers that use stupid network allocation systems (AT&T) that are incompat with the elegant simplicity of prefix delegation and dhcp.
The reason IPv6 was originally added to the DOCSIS specs, over 20 years ago, is because Comcast literally exhausted all RFC1918 addresses on their modem management networks.
My favourite feature of IPv6 is networks, and hosts therein, can have multiple prefixes and addresses as a core function. I use it to expose local functions on only ULA addresses, but provide locked down public access when and where needed. Access separation is handled at the IP stack, with IPv4 it’s expected to be handled by a firewall or equivalent.
My favorite feature of IPv6 is that there are so many addresses available. Every single IPv4 address right now could have its own entire IPv4 range of addresses in IPv6. It’s mind-boggling huge.
you could assign every square meter of the planet an ip and use it for location, and still have addresses left over
Oh it’s way more than that!
After looking up some numbers, I note we could give every single square MILLIMETER on the planet its own entire IPv4 address space.
…And then every one of those IPv4 addresses could have its own entire copy of the IPv4 address space!
…And that would just be a drop in the bucket compared with IPv6! One good comparison I’ve seen is that you could assign an address to every atom on the surface of the earth (but not inside it) and have enough left over for 100+ more earths.
Rough math for the square millimeters:
The surface area of the earth is roughly 510 trillion square millimeters. Let’s round that up to a quadrillion or 10^15.
The number of IPv6 addresses is 2^128 or 3.4x10^38. To be conservative again, let’s just round that down to 10^38.
10^38 / 10^15 = 10^23 IPv6 addresses per square mm of earth.
IPv4 address space is 2^32 or around 4 billion. Let’s round up to 10 billion or 10^10.
So then 10^23 / 10^10 = 10^13 IPv6 addresses per IPv4 address per square mm of earth.
10^13 / 10^10 = 1,000 IPv6 addresses per IPv4 address per IPv4 address per square mm of earth.
And that was with the conservative estimates along the way. I think it would actually be tens of thousands.
Meh, the idea of having every address be globally routable makes a lot of sense. NAT is a great bandaid but it’s still a bandaid. It still limits how peer to peer and multicast applications function, especially on larger networks.
NAT444 is shit. I can’t even host a web server without routing it through a VPN, and my ISP can’t work out how to provide an IPv6 address yet. Give it to me and I will work out how to use it.
Slight update - Just looked and apparently they had a goal of rolling out IPv6 addresses to all customers by earlier this year. I’ll check my router config tomorrow and who knows. Maybe I will be able to get one now? Would be pretty sweet.
I am sorry to interrupt, my ISP gave me an ipv6 address, but I just can’t access anything through it even when I specify it in the firewall, maybe they are blocking this functionality because they sell static ips.
I can use dynamic DNS, the problem is I can’t host over NAT444 without something like a VPN.
Still not been given an IPv6 address though.
In my personal life I will probably “never” intentionally use ipv6.
But it is a DAMNED good sniff test to figure out if an IT/NT team is too dumb to live BEFORE they break your entire infrastructure. If they insist that the single most important thing is to turn it off on every machine? They better have a real good reason other than “it’s hard”
Realistically no organization has so many endpoints that they need IPv6 on their internal networks. There’s no reason to deal with more complicated addressing schemes except on the public Internet. Only the border devices should be using IPv6.
Hopefully if an organization has remote endpoints which are connecting to the internal network over the Internet, they are doing that through a VPN and can still just be assigned IPv4 addresses on dedicated VLANs when they connect.
If you don’t have ipv6 internally, you probably can’t access ipv6 externally. 6to4 gateways are a thing. 4to6? Not so much.
And this is why ipv6 will ultimately take another 20 years for full coverage. If it was more backwards compatible from the starting address-wise then this would all have been smoother. Should have stuck with point separators. Should have assumed zero padding for v4 style addresses rather than a prefix
If you don’t have ipv6 internally, you probably can’t access ipv6 externally. 6to4 gateways are a thing. 4to6? Not so much.
I’m pretty sure stateful gateways do exist, but it’s a massive ball of complexity that would be entirely avoided if people just used native v6.
I hope nat burns in hell when ipv6 will become standard
Any day now brother
It’s the year of the ipv6 server
Mind explaining? All I know about NAT is that it sometimes didn’t let me play rainbow six siege
NAT is like package delivery IRL. If you’re a server and send a package to a client without NAT, that’s like sending a delivery boy to deliver pizza, goes straight from source to destination.
But with NAT it’s like ordering a package online. It first will be delivered to a distribution center, and then a delivery warehouse in your area, and then the courier delivers packages to all people on his route.
It’s way more complex and you now have a whole bunch of points of failure.
That’s a great analogy for carrier grade nat.
For regular nat it’s like the pizza is able to get all the way to your house but then has no idea who to go to so somebody has to answer the door and then take the pizza from the door to the person who ordered it themselves.
And IPv6 is like the pizza delivery guy just walks right into the house up the steps into your bedroom and hands you the pizza directly.
The best part is they each have the same exact problems you’d have in real life.
Let me one up this. IPv4 NAT is like the pizza guy has to deliver to you, but you live in a gated community with a strict no visitors policy, which does not allow you to even mention what unit you’re in, and none of the addresses in the community are registered with the post office or on Google Maps either. Instead, you tell the guardhouse you want to order, and they order the pizza for you. The pizza guy delivers to the guardhouse, and the guardhouse delivers the pizza to you.
IPv6 (with firewalling) is like a normal gated community, you order the pizza and include the unit number, and the delivery driver can deliver your pizza directly, as long as the guardhouse approves.
The difference is, with NAT, the guardhouse has to both guard (firewall) and route (keep track of all deliveries, and deliver) your packages, where with IPv6, the guardhouse (firewall) only has to guard (firewall) the packages.