I’m not saying it should be ignored. “Stateless NAT64” is technically called SIIT and is a mode of operation Jool supports too. I am mostly complaining about terminology here, not usefulness. Tayga is not a NAT64 and has different use cases.
IMO tayga shouldn’t even be branded as a NAT64. It can be used for SIIT or as a CLAT in a 464XLAT setup but crucially those are both different from true NAT64. The only FOSS NAT64 I’ve found is jool
Afaik jool doesn’t work as a CLAT only as a PLAT because it only hooks forwarded traffic and not local output traffic.
I find I ask less questions now because I’m a better programmer and just visit the site less in general. I used to ask a lot. I actually don’t find that many duplicates though, usually when I have a question there isn’t already an answer… usually because when I have a question I’m doing something insane, I find I do that a lot lol.
Consistently? Not that I can think of either but there was that one judge in the Oracle v Google Java case that I believe learned enough programming to call BS on oracle’s claims.
🤔, did it stop updating at some point?
The main disadvantage of ULAs is in dual stack networks windows prefers IPv4 over them. In principle Linux should too but glibc follows an older RFC and as a result in practice picks ULAs over IPv4. If your GUA space is subject to change I would definitely recommend ULAs. Dynamic DNS is more headache than it’s worth. As others have mentioned I would keep IPv4 out of your internal DNS so that ULAs are preferred, if you want to dual stack your internal DNS then there are ways to configure clients to prefer ULAs over v4. Personally I run both ULAs and GUAs internally even with my own direct allocation but that’s because of dn42. What I do on my gateways to prevent leaks is I have a routing policy that returns an ICMP host unreachable if source is fd00::/8 and destination is 2000::/3 that way the gateway blocks any address mismatch. I also have a policy for the opposite GUA to ULA scenario. One other note, technically ULAs are supposed to be random /48s, others have mentioned generating a /40 but that’s not technically in spec. Ideally you would generate one /48 per site or use a single /48 and then do a /56 per site. Obviously do what you want and what makes the most sense for you but I’m going to put that info out there.
All ISPs should do PD unless you’ve got some very special setup and they give you something that must be manually configured. Honestly too many ISPs still lack IPv6 and it’s baffling. I have a friend with Verizon FiOS and after years of not having it he finally got it earlier this year I think…only to have it get taken away a little while ago. Like what?
Even if that’s the case it doesn’t really change anything. I was more asking from an end user perspective as I’m hoping we never end up at a point where providers start doing this, however even if they do it doesn’t actually change anything in their routing table. Let’s say providers start giving everyone a /80 instead of a larger block, if they have 50 customers, 50 /80s is no worse than 50 /56s. The only time deaggregation is a problem is when the total number of routes increases but that’s not going to be caused by this as the point of the argument is if you don’t use /64s everywhere than almost any sized block becomes big enough for any sized organization. I really don’t understand why some people hate using a /64 everywhere, it’s not wasteful, it’s the design goal but that’s why this post exists to try to understand the technical downsides and unfortunately so far I’m wishing there were more than Android stops working and your network looks uglier.
I knew about 2003::/19 being allocated to DTAG but this list is an awesome summary and I didn’t know about the rest. The /19 going to the UK MoD is not surprising since they have 25/8 in v4 land. It is really weird that it’s capital one…like…ISPs and military always ends up with a lot of IP space…but why capital one?? Also the description of the space is internal space??? Especially since as of now they haven’t announced any of that space. I really hope it’s not just like a large private space, that’d be obscene. It really makes no sense to me. I can’t imagine they’d need…4 billion /48s…
This tbh
My network is entirely v6, I tolerate NAT64 given the current internet landscape but every service I can cut out that needs NAT64 the closer I can get to disabling NAT64 which is ultimately my goal. Still a long way from that but I’d like to get there. Additionally the NAT adds latency as it resides outside of my normal network path. I’ve also taken up a policy of not using new services that don’t have v6 if at all possible. That was a key factor in deciding what lemmy instance to use. While it might not matter to you it’s something I look at.
🤔 it does indeed have v6, through cloudflare but such is half the internet lol. Might give it a try
EDIT: Just the fact that searching IP address doesn’t show me a v4 address unlike ddg makes me warm and fuzzy, will definitely give this a run lol.
Me
has 464xlat setup in a container for software that needs v4 as 464xlat is too much v4 for my main system
Me after seeing this
I want to run this instead because the less v4 I can have the better…still only in that container tho.
Edit: apparently this only supports TCP for some reason which makes it more or less useless for my use case. I need UDP support as well.
🤔 I hope you’re wrong but also I doubt you are. Ik a lot of people have been making a fuss about Android and DHCP, I do hope Google will stick to their guns on this. I feel like whether they do or not will have a massive impact on the direction v6 goes with subnet sizes in the future. Mostly in business environments which largely haven’t deployed v6 yet.
I've been contemplating spinning up lemmy in my infra which is also v6 only…good to know about this gotcha…it blows that this community is on an instance that won't federate over v6 though ://
Yeah but what I’m getting at is that upper router routing /96s shouldn’t be impacted. 10 /96s is basically indestinguisable from 10 /64s in terms of memory consumed. If I’m only using 10 subnets it shouldn’t matter what the size of those subnets are as long as the count stays the same. It’s when you start deagregating blocks into smaller chunks and consuming more of them than you would otherwise that you start eating table space. I can’t think of a situation where someone would consume more /96s than /64s given they’re both basically infinite addresses.
…you know…that’s a really good point. Honestly this whole thought started because I saw someone adamantly defend not wanting to use an entire /64 and being annoyed Android didn’t have DHCP and it got me thinking…if someone genuinely didn’t care about the design goals of v6 are there good reasons to stick to them if DHCP works everywhere. Like I care about the elegance…but not everyone does. I’ve never seen ISPs assign a /128 although I have heard about it. I have seen 1x/64 assignments though which is only marginally better…but if you stop caring about clean /64 subnets then it becomes manageable without having to resort to an NDP proxy.
I personally have mixed feelings on Google’s decision with DHCP. On the one hand I understand the frustration as it’s not their place to dictate your network architecture…on the other hand I think it’s admirable because it might be the one thing keeping that part of the v6 design goals alive when some wish it weren’t.
Does it conserve router space? I get what you’re getting at but if I have 10 subnets it doesn’t really matter from a route table perspective if they’re /96 or /64. What matters is subnet aggregation but I’m not sure the size matters?
🤔 does it actually break PD?..that’s actually not an awful reason if it does. Would actually make sense…outside of this post I fall into the /64 everywhere crowd, minus the cases for /127. Your gripe with point 2 is fair…although I haven’t come across any applications that need it…beyond the applications I’ve written that use it…because again IRL I’m in the /64 everywhere crowd. Thanks for the response though
Correct, and stateless translation is called SIIT which is the point of my comment. NAT64 traditionally refers to NAPT. Just like how NAT66 traditionally refers to NAPT and stateless 6to6 translation is usually referred to as NPTv6