• @tburkhol
    link
    English
    66 months ago

    IPv6 does have private spaces. Any prefix beginning with fd is ‘private,’ and (IIRC) there’s a formula to generate the next 40 bits of prefix to minimize the chance of intersections. i.e., you can generate your own internal /48 functionally equivalent to 192.168/16 or 10/8

    Don’t know if you can use that with SLAAAC, but it works if you run a dhcpv6 and makes ipv6 feel a lot like ipv4. You have to NAT everything inside &c, but if you already have a functioning internal IPv4 network, IPv6 is just a matter of figuring out which config options need to be changed (eg, dhcp6.name-servers for option domain-name-servers)

    • @[email protected]
      link
      fedilink
      English
      16 months ago

      I’m really appreciating your use of &c.

      Are you in the nineteenth century by any chance?

    • @theit8514
      link
      English
      06 months ago

      Yes, ULA are one of the exceptions I mentioned. It covers fc00::/7 which is fc00 to fdff, though I believe most use just the top half. I use one for an intermediate network between my edge router and my primary firewall to not consume one of my limited /64 networks.

      I haven’t played with IPV6 NAT much. I know its use is a bit discouraged as NAT was always designed as a stopgap measure for IPV4 exhaustion. It might be a good option if you need additional space and your ISP doesn’t support additional prefixes. Just keep in mind that if you use these in DNS, they won’t be accessible externally.

      • @tburkhol
        link
        English
        36 months ago

        Yeah, my ISP “supports” IPv6, but assigns a /128 to users. It seems to wipe out most of the desirable features of IPv6, and has probably given me a distorted view of its philosophy. OTOH, it did force me to learn how to do DNS views, so names can have the ULA address inside and the global address outside the house, which is pretty cool.

      • @[email protected]
        link
        fedilink
        English
        1
        edit-2
        6 months ago

        The downside with ULA is that ipv4 is given preference, which is annoying on dual stack networks. I believe there is a draft RFC to change this but it will take a while for it to be approved and longer still for OSes to change their behaviour. I workaround it by using one of the unused (but not ULA) prefixes.