

Personally I don’t like using CLATs but it’s still nice to see this feature finally rolling out.
I hope they enable it, I don’t personally have it but the company I work for does and I’d love to enable v6 on our corporate LAN.


Hmmm, this is weird. I was trying to figure out the / at the start since no one answered that. I know Java’s network stack does that but it doesn’t format addresses like this example. Java formats individual addresses like /2001:db8:0:0:0:0:0:0 or if a port is included /[2001:db8:0:0:0:0:0:0]:443 so it’s like…kinda a Java format? Not sure


It is ambiguous. See this which could be either an address or address + port. 2001:db8:1::2:443
That is a valid address…expanded it would be 2001:db8:1:0:0:0:2:443 …but oh no, the intent was for it to be 2001:db8:1:0:0:0:0:2 with port 443…but you’d never know
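
The ambiguity described in the comment above, shown as an added example (not part of the original comment): the unbracketed string has two valid readings, while a strict parser that only accepts a port after URI-style brackets has one. The function names are hypothetical; the addresses are the ones quoted in the comment.

```python
import ipaddress

def unbracketed_readings(text):
    """Every valid reading of an unbracketed string: as a bare IPv6 address,
    and as address + ':port' split at the last colon."""
    readings = []
    try:
        readings.append((ipaddress.IPv6Address(text), None))
    except ValueError:
        pass
    host, sep, port = text.rpartition(":")
    if sep and port.isdecimal() and int(port) <= 65535:
        try:
            readings.append((ipaddress.IPv6Address(host), int(port)))
        except ValueError:
            pass
    return readings

def parse_endpoint(text):
    """Strict parser: an IPv6 address with a port must be written [addr]:port.
    Unbracketed text with more than one colon is always a bare address."""
    if text.startswith("["):
        host, sep, rest = text[1:].partition("]")
        if not sep:
            raise ValueError("missing ']'")
        addr = ipaddress.IPv6Address(host)
        if rest == "":
            return addr, None
        if not (rest.startswith(":") and rest[1:].isdecimal()):
            raise ValueError("expected ':port' after ']'")
        port = int(rest[1:])
    elif text.count(":") == 1:  # IPv4 address with a port
        host, _, port_text = text.partition(":")
        addr = ipaddress.IPv4Address(host)
        if not port_text.isdecimal():
            raise ValueError("port must be numeric")
        port = int(port_text)
    else:
        return ipaddress.ip_address(text), None
    if port > 65535:
        raise ValueError("port out of range")
    return addr, port

if __name__ == "__main__":
    for reading in unbracketed_readings("2001:db8:1::2:443"):
        print(reading)  # two readings: nothing in the string says which was meant
    print(parse_endpoint("[2001:db8:1::2]:443"))
```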


It’s only official for URIs, outside of URIs there is no official notation because there is no official notation for ports. :port is also a URI thing so while you’ll find a lot of software using URI syntax or something similar it’s the wild west when URIs aren’t in use


Correct, and stateless translation is called SIIT which is the point of my comment. NAT64 traditionally refers to NAPT. Just like how NAT66 traditionally refers to NAPT and stateless 6to6 translation is usually referred to as NPTv6


I’m not saying it should be ignored. “Stateless NAT64” is technically called SIIT and is a mode of operation Jool supports too. I am mostly complaining about terminology here, not usefulness. Tayga is not a NAT64 and has different use cases.


IMO Tayga shouldn’t even be branded as a NAT64. It can be used for SIIT or as a CLAT in a 464XLAT setup but crucially those are both different from true NAT64. The only FOSS NAT64 I’ve found is Jool


Afaik Jool doesn’t work as a CLAT, only as a PLAT, because it only hooks forwarded traffic and not local output traffic.


I find I ask fewer questions now because I’m a better programmer and just visit the site less in general. I used to ask a lot. I actually don’t find that many duplicates though, usually when I have a question there isn’t already an answer… usually because when I have a question I’m doing something insane, I find I do that a lot lol.


Consistently? Not that I can think of either but there was that one judge in the Oracle v Google Java case that I believe learned enough programming to call BS on Oracle’s claims.


🤔, did it stop updating at some point?
The main disadvantage of ULAs is in dual stack networks Windows prefers IPv4 over them. In principle Linux should too but glibc follows an older RFC and as a result in practice picks ULAs over IPv4. If your GUA space is subject to change I would definitely recommend ULAs. Dynamic DNS is more headache than it’s worth. As others have mentioned I would keep IPv4 out of your internal DNS so that ULAs are preferred, if you want to dual stack your internal DNS then there are ways to configure clients to prefer ULAs over v4. Personally I run both ULAs and GUAs internally even with my own direct allocation but that’s because of dn42. What I do on my gateways to prevent leaks is I have a routing policy that returns an ICMP host unreachable if source is fd00::/8 and destination is 2000::/3 that way the gateway blocks any address mismatch. I also have a policy for the opposite GUA to ULA scenario. One other note, technically ULAs are supposed to be random /48s, others have mentioned generating a /40 but that’s not technically in spec. Ideally you would generate one /48 per site or use a single /48 and then do a /56 per site. Obviously do what you want and what makes the most sense for you but I’m going to put that info out there.
All ISPs should do PD unless you’ve got some very special setup and they give you something that must be manually configured. Honestly too many ISPs still lack IPv6 and it’s baffling. I have a friend with Verizon FiOS and after years of not having it he finally got it earlier this year I think…only to have it get taken away a little while ago. Like what?
Even if that’s the case it doesn’t really change anything. I was more asking from an end user perspective as I’m hoping we never end up at a point where providers start doing this, however even if they do it doesn’t actually change anything in their routing table. Let’s say providers start giving everyone a /80 instead of a larger block, if they have 50 customers, 50 /80s is no worse than 50 /56s. The only time deaggregation is a problem is when the total number of routes increases but that’s not going to be caused by this as the point of the argument is if you don’t use /64s everywhere then almost any sized block becomes big enough for any sized organization. I really don’t understand why some people hate using a /64 everywhere, it’s not wasteful, it’s the design goal but that’s why this post exists to try to understand the technical downsides and unfortunately so far I’m wishing there were more than Android stops working and your network looks uglier.
I knew about 2003::/19 being allocated to DTAG but this list is an awesome summary and I didn’t know about the rest. The /19 going to the UK MoD is not surprising since they have 25/8 in v4 land. It is really weird that it’s Capital One…like…ISPs and military always end up with a lot of IP space…but why Capital One?? Also the description of the space is internal space??? Especially since as of now they haven’t announced any of that space. I really hope it’s not just like a large private space, that’d be obscene. It really makes no sense to me. I can’t imagine they’d need…4 billion /48s…
This tbh
My network is entirely v6, I tolerate NAT64 given the current internet landscape but every service I can cut out that needs NAT64 the closer I can get to disabling NAT64 which is ultimately my goal. Still a long way from that but I’d like to get there. Additionally the NAT adds latency as it resides outside of my normal network path. I’ve also taken up a policy of not using new services that don’t have v6 if at all possible. That was a key factor in deciding what Lemmy instance to use. While it might not matter to you it’s something I look at.
🤔 it does indeed have v6, through Cloudflare but such is half the internet lol. Might give it a try
EDIT: Just the fact that searching IP address doesn’t show me a v4 address unlike ddg makes me warm and fuzzy, will definitely give this a run lol.
Yeah, I’ve disabled IPv4 but I still have NAT64 for Discord and some mobile apps that don’t work without it.