Show threadJdeBPFeb 14

@zrail

Yes. After doing it once one always has the lurking suspicion that one day one will come up against the LAN of someone else who has had the very same idea — whose birthday, or lucky numbers, or CRC16, or whatever just happen to make the same octets in the network part.

Then there are things like having an ISP that uses various parts of 10.0/8 for its internal infrastructure. Even my own ISP uses 192.168.100.0/24 for its own purposes on customer-premises equipment.

@mdavis
#RFC1918 #IPv6 #IPv4 #SiteLocalAddresses #PrivateUseAddresses #LANs #NetworkAdministration

Show threadKlaus UmbachJan 29
@zhenech You are so dirty! Never show your private IPs in public! People get offended, when they see those filthy #RFC1918-parts.
mutant ﴾! offiziell !﴿ ⸙Jan 18

#SLOP me up, Trumpy!

"your provider will give you: A public IP address (e.g., 192.168.1.100)."

Quelle:
www.tecmint.com/ubuntu-server-setup/

im Gegensatz zu:
#RFC1918

#legacy #IPv4 - immer super!

Show threadKevin Karhan Jan 10
@tschaefer problematisch sind vorallem #Blockadenvvon #VPN (#CGNAT mit #RFC1918 Addressraum im #Mobilfunk) und aktive Blockade von #Tor-Verbindungen!
Show threadKevin Karhan Jan 5

@sodiboo I rather want #NAT46 aka. #IPv6+#IPv4 on #WAN and #IPv4only #LAN, because I don't have a provider-independent #IP-Address Space and my #ISP can't be assed to comply with §73 Section 3 Sentence 3 Telecommunications Act so proper Static-IPv6 configuration doesn't work!

Needless to say the way most vendors implement it is fucking cursed!

If I was @BNetzA I'd mandate every Internet connection to be either #DualStack or at least have a /104 of static IPv6's with every #CGNAT'd device (whilst prosecuting every CGNAT using #RFC1918 address space as computer sabotage for bricking #VPN|s)…

  • Alas, they don't…
§ 73 TKG - Einzelnorm

Show threadKevin Karhan Dec 26

@jima @jeff my problem is not only the lack of #IPv6 but the fact that they do #CGNAT in #RFC1918 address space!

https://infosec.space/@kkarhan/115783739506022058

Kevin Karhan :verified: (@[email protected])

Attached: 1 image @[email protected] nope. In #Germany they still violate #RFC6598 and use #RFC1918 [`10.0.0.0 /8`] for #CGNAT because @[email protected] doesn't give a shit that this bricks #VPN|s! https://en.wikipedia.org/wiki/Carrier-grade_NAT#Shared_address_space

Infosec.Space
Show threadKevin Karhan Dec 26

@jeff nope.

In #Germany they still violate #RFC6598 and use #RFC1918 [10.0.0.0 /8] for #CGNAT because @BNetzA doesn't give a shit that this bricks #VPN|s!

https://en.wikipedia.org/wiki/Carrier-grade_NAT#Shared_address_space

Show threadKevin Karhan Dec 9

@exponentialverteilt @clf yes, due to lack of alternative options.

  • But all German mobile networks do #CGNAT in #RFC1918 address space (10.0.0.0 /8)…
Kevin Karhan Dec 9

Does anyone know how to setup #NAT46 on #pfSense within a #LAN?

The Problem is that I want to provide #IPv6-connectivity on #WAN without having to deal with IPv6 in #LAN.

  • Right now I'm ponderig using fc:: /7 on #LAN with #DHCPv6 but the problem is that #Vodafone's shitbox connection is flaky af and the only #Fallback that I currently have is their shitty #LTE which is #IPv4only woth #CGNAT in #RFC1918 ( 10.0.0.0 /8) and no IPv6 connectivity, thus everytime shit flip-flops connectivity is completely gone on IPv6 and only #IPv4 is on that backup link.

So since I don't have a Provider-Independent IP space and my #ISP is so fucking incompetent that I hereby beg @BNetzA to finally seize their network and nationalize/socialize it I am basically stuck on IPv4 connectivity.

  • The only workarounds I know would necessitate using a #HurricaneElectric #GIF-Tunnel for IPv6 on fallback, which won't work because OFC Vodafone doesn't offer me a static IPv4 or even stazic IPv6-Subnet on their mobile network and I got #DualStack on #WAN on the primary network.

  • The problem re: routing exists for all #MultiWAN setups and I won't pay for #Vipritnet or setup my own #ASN and blow money on a @ripencc membership just to get PI Address Space and having to setup my own Gateway to VPN into through all my WAN & #WWAN connections.

Also the false premise of many sites to prefer IPv6 over IPv4 causes everything to break apart at the slightest disruption.

  • IPv6 really annoys me because unlike IPv4, it just doesn't work and everytime I have to deal with it it's a pain in the ass...
Kevin Karhan :verified: (@[email protected])

#IPv6 is a mistake! - Noone needs #128bit address space! - 21+ years of protocol existance, yet no mandatory & widespread adoption… - You want to have more than 1 PC per line? We have a solution for it, it's called #NAT! - IPs should not have variable lenghts and hexadecimal digits!!! #SLAAC? #RouterAdvertisement?? #6rd??? - These are real #IPv6only mechanisms deployed in the real world! *"Yes, I'd love to have all my devices loose their #IP assignments everytime my #WAN connection resets/disconnects/…!"* - They have played us for absolute fools! #meme #shitpost #IPv4 #Enshittification

Infosec.Space
Show threadKevin Karhan Dec 8

@carini simple:

Just because you don't know a "bona-fide" use-case doesn't mean it's inherently bad!

  • In fact I know a lot of legitimate #developers wanting such a service!