Mastodawn

My biggest personal take away is #IPv6 is fine for most things. It is still fantastically unclear when an address is stable, and if it isn't how to go about establishing a local human facing redirect to access a given machine.

I'm still not sure how I can (for example) run a service in docker container proxies behind nginx, then resolve a hostname for that service from another computer if the ip of the server for reasons (?) changes on me, or if that fear is even real and I should just assume the address is static.

Dave Sparks (Bit Wrangler)18h ago

Enabled #IPv6 on the network backbone and the VLANs for our trusted machines and guest network. It wasn't as difficult as I expected it to be. There are still some things I'm trying to grok, e.g. why some clients don't have hostname records.

goetz 22h ago

#464XLAT and #NAT64 on #Mikrotik routers.

https://forum.mikrotik.com/t/nat64-and-464xlat-on-ros-how-to/267046

Please have this out of the box available?
@mikrotik@tiktube.com @mikrotik

#IPv6 #IPv6mostly

NAT64 and 464XLAT on ROS how-to

Here is a working NAT64 solution for homelab folks wanting to experiment with IPv6-only, or their provider only offers IPv6 with IPv4 over CG-NAT. Full 464XLAT operation is achieved when the client devices include a CLAT, such as Apple devices. This solution does require the ISP provide an IPv4 address, so it won’t work if the provider is IPv6-only and doesn’t provide NAT64 in their network, Ive read that some do. My network is a fairly typical dual-stack setup where my ISP offers CG-NATed IPv4...

MikroTik community forum

bert hubert 🇺🇦🇪🇺🇺🇦1d ago

Now I don't know about your coping mechanisms, but mine definitely include making graphs. Check out the #IPv6 fraction of visitors to berthub.eu at the lower left:

Micheal

1d ago

Booting NetBSD 10.1 installation from floppy sets, then downloading and installing over ipv6 from an http mirror. All on a 486DX2-66Mhz.

#netbsd #retrocomputing #486 #ipv6

subnetspider 2d ago

I'm finalizing my OPNsense HA setup right now, and want to create an #IPv6 link-local address CARP VIP for each subnet/VLAN.

Is it okay to use fe80::1/64 for each subnet?

It will be uses as both the gateway and source of router advertisements.

Show thread

Kevin Karhan

2d ago

@jima @jeff my problem is not only the lack of #IPv6 but the fact that they do #CGNAT in #RFC1918 address space!

https://infosec.space/@kkarhan/115783739506022058

Kevin Karhan :verified: (@kkarhan@infosec.space)

Attached: 1 image @jeff@noxon.cc nope. In #Germany they still violate #RFC6598 and use #RFC1918 [`10.0.0.0 /8`] for #CGNAT because @BNetzA@social.bund.de doesn't give a shit that this bricks #VPN|s! https://en.wikipedia.org/wiki/Carrier-grade_NAT#Shared_address_space

Infosec.Space

Show thread

Jima

2d ago

@jeff @kkarhan That's an easy mistake for we Americans to make!

Many countries don't have that paradigm. In the UK, wireline broadband #IPv6 adoption is weirdly ahead of cellular, for instance.

Also, AIUI, a non-trivial number of regional cellular carriers in the US haven't even deployed — apparently they're not feeling the CGNAT pain the national players are.