IPv6 has made enough progress that it's totally possible to run your network off of it, regardless of what everyone else is doing, and if all of your neighbors are using IPv4, it won't harm your IPv6 network.
Also, part of the delay in the switch to IPv6 is that some work is needed to ensure that home routers and IoT devices default to reasonable security settings, and the absolute worst thing to do is force them to switch first, and figure out security later.
The answer isn't to force everyone to use something before it's ready; the answer is to address every impediment, so it's worth it for everyone to switch. Sure it's slower, but it's much better than making users worse off by switching, converting them to detractors instead of supporters.
Doesn't IPv6 hurt anonymity? NAT is annoying, but hides the number of devices you have. ISPs assigning you different IPs at different times at least provides some measure of identity resetting.
To say nothing of how easy it is to keep IPv4 devices confined to the local network.
Or am I missing something?
https://en.wikipedia.org/wiki/IPv6_address#Temporary_address...
But if you're writing code at a higher level than the bsd sockets api, it's a whole can of worms.
- CGNAT 100.64.0.0/10
- "Benchmark" 198.18.0.0/15
mindslight•3d ago
The author lost me when they got into raw iproute commands. Not because I'm not acquainted (I run my own custom complex router using a standard Linux distro). But rather if someone knows enough to configure things at this level, then they would just come to this solution on their own. Most people trying to solve this problem will not - eg think that mobile video rack belonging to a touring musician.
Readily-accessible solutions I can come up with off the top of my head:
1. Two off the shelf routers and double NAT. The middle network can be changed if it conflicts with the outer network
2. One router/NAT, but two IP networks on the inner network - one statically assigned for devices to communicate with each other, and one assigned via DHCP for accessing the horizon through NAT. That second network can then easily be changed.
3. Play battleship more strategically using class E address space, DOD/BigCo address space, and/or smaller subnets in the middle of the customary size for a range (eg 192.168.1.160/27).
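The subnet-picking in option 3 can be checked mechanically. The following is an added example, not code from the thread or the linked article: it carves the first non-overlapping inner subnet out of a pool list (192.168.0.0/16 plus the CGNAT and benchmark blocks named in the thread) and, for a small subnet nested inside the upstream range such as the 192.168.1.160/27 above, reports how many upstream addresses it hides. The function names and the single-routing-table assumption are illustrative.

```python
import ipaddress

# Pools to carve the inner network from, in order of preference.
# The last two are the special-purpose blocks named in the thread.
POOLS = ["192.168.0.0/16", "100.64.0.0/10", "198.18.0.0/15"]


def pick_inner(upstreams, pools=POOLS, prefixlen=24):
    """Return the first subnet of size `prefixlen` that overlaps none of
    the networks seen on the outer side, or None if every pool is taken."""
    seen = [ipaddress.ip_network(u) for u in upstreams]
    for pool in pools:
        for cand in ipaddress.ip_network(pool).subnets(new_prefix=prefixlen):
            if not any(cand.overlaps(s) for s in seen):
                return cand
    return None


def nested_cost(inner, upstream, gateway):
    """Cost of placing `inner` inside the upstream range.

    Assumes one routing table holding both connected routes, so
    longest-prefix match sends traffic for `inner` to the inside.
    Returns (hidden_upstream_addresses, gateway_is_hidden), or None
    when `inner` is not nested inside `upstream`.
    """
    inner_n = ipaddress.ip_network(inner)
    up_n = ipaddress.ip_network(upstream)
    if not inner_n.subnet_of(up_n):
        return None
    gw_hidden = ipaddress.ip_address(gateway) in inner_n
    return inner_n.num_addresses, gw_hidden


if __name__ == "__main__":
    # Constructed sample: the venue network already uses two common /24s.
    venue = ["192.168.0.0/24", "192.168.1.0/24"]
    print("inner network:", pick_inner(venue))
    # The thread's /27 inside a venue /24 whose gateway is .1
    print("nested /27:", nested_cost("192.168.1.160/27",
                                     "192.168.1.0/24", "192.168.1.1"))
```

A nested subnet whose range contains the upstream gateway leaves the inner network with no route out, so the second value in the tuple is the one to check first.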
MartijnBraam•3d ago
There's also a lot of people that configure these devices (or Linux routers) themselves but have never heard of VRFs. You got to learn about them somewhere, so I just hope this helps some people :)
mindslight•3d ago
stirfish•3d ago
JSR_FDED•2d ago
master_crab•8h ago
But the third option honestly isn’t recommended enough. DoD space is rarely routable, and if you are on a private network already, even more so. It’s also less common than RFC1918.
However, there is one caveat. Some large corporates do use it for just the same reason. Even though it is rarer than 10 or 172 space, you’d be surprised how many large orgs do run DoD internally.
(Disclaimer: I use DoD space for my travel router at hotels)
1oooqooq•6h ago