Completely agree with your dual-stack networks are more prone to errors and IPv6 networks are simpler than their IPv4 counterparts. Firewalls are easier to understand than port mapping NATs. Simpler is better for security.
I’ve tried running my home network with IPv6 only and NAT64 on my edge but more than a couple devices seem to only understand IPv4. I feel like these devices will be the ones that hold back the IPv6 only approach.
@apearson> I’ve tried running my home network with IPv6 only and NAT64 on my edge but more than a couple devices seem to only understand IPv4. I feel like these devices will be the ones that hold back the IPv6 only approach.
One of my two Roku Ultras finally is acquiring an IPv6 address, but no idea if it is doing any streaming with it. The other hasn’t acquired an IPv6 address yet. Even though the two have the same marketing name, they are different internal hardware models. But at least it is a sign that Roku Labs is at least aware that there is something called IPv6!
What are those devices? Poorly designed IoT stuff? I’ve some experience with the embedded / industrial world I remember working with Telit modems and manuals / documentation pushed people really hard into getting IPv6 working.
I’m currently doing a very specific thing with IPv6 in one of my setups. So the ISP on that site provides a very good Wifi6 router with IPv4 + IPv6 (PD/SLAAC) dual-stack networking.
Everyone’s first thought is to replace the router ISP entirely, however it isn’t necessary in that case. I simply added a cheap ARM device (NanoPi NEO2, 512M of RAM) running OpenWRT to handle most of the network while still keeping the router’s ISP as gateway and wifi AP.
In the ISP router I’ve disabled IPv4 DHCP, set it to a static IP. Kept IPv6 PD / SLAAC settings as provided by the ISP. Then I configured the OpenWRT box to do DHCPv4 + dual stack DNS (SmartDNS, encrypted etc) while the ISP router advertises the IPv6 prefix and acts as gateway for both IPv4 and IPv6. OpenWrt is 192.168.1.1 + fe80:1c0:5208::1, and the ISP router is 192.168.1.254.
My devices will get their IPv4 from the OpenWRT box via DHCP and their IPv6 from the ISP via PD / SLAAC. DNS in both cases is provided by the OpenWRT box. With option ra_preference'high' devices in the network will set their IPv6 DNS server to fe80:1c0:5208::1 (my OpenWRT box) instead of what the ISP router advertises that has a lower priority.
Completely agree with your dual-stack networks are more prone to errors and IPv6 networks are simpler than their IPv4 counterparts. Firewalls are easier to understand than port mapping NATs. Simpler is better for security.
I’ve tried running my home network with IPv6 only and NAT64 on my edge but more than a couple devices seem to only understand IPv4. I feel like these devices will be the ones that hold back the IPv6 only approach.
@apearson> I’ve tried running my home network with IPv6 only and NAT64 on my edge but more than a couple devices seem to only understand IPv4. I feel like these devices will be the ones that hold back the IPv6 only approach.
One of my two Roku Ultras finally is acquiring an IPv6 address, but no idea if it is doing any streaming with it. The other hasn’t acquired an IPv6 address yet. Even though the two have the same marketing name, they are different internal hardware models. But at least it is a sign that Roku Labs is at least aware that there is something called IPv6!
That’s great to hear! One of the IPv4 only devices I have is a Roku
What are those devices? Poorly designed IoT stuff? I’ve some experience with the embedded / industrial world I remember working with Telit modems and manuals / documentation pushed people really hard into getting IPv6 working.
They’re all IoT type devices (scale, Robo Vac, alarm) :/
Sad.
I’m currently doing a very specific thing with IPv6 in one of my setups. So the ISP on that site provides a very good Wifi6 router with IPv4 + IPv6 (PD/SLAAC) dual-stack networking.
Everyone’s first thought is to replace the router ISP entirely, however it isn’t necessary in that case. I simply added a cheap ARM device (NanoPi NEO2, 512M of RAM) running OpenWRT to handle most of the network while still keeping the router’s ISP as gateway and wifi AP.
In the ISP router I’ve disabled IPv4 DHCP, set it to a static IP. Kept IPv6 PD / SLAAC settings as provided by the ISP. Then I configured the OpenWRT box to do DHCPv4 + dual stack DNS (SmartDNS, encrypted etc) while the ISP router advertises the IPv6 prefix and acts as gateway for both IPv4 and IPv6. OpenWrt is
192.168.1.1+fe80:1c0:5208::1, and the ISP router is192.168.1.254.My devices will get their IPv4 from the OpenWRT box via DHCP and their IPv6 from the ISP via PD / SLAAC. DNS in both cases is provided by the OpenWRT box. With option
ra_preference 'high'devices in the network will set their IPv6 DNS server tofe80:1c0:5208::1(my OpenWRT box) instead of what the ISP router advertises that has a lower priority.