Why IPv6 still drives me crazy: there is the baked-in assumption that you own your range. This is fine for companies that meet the ARIN End-User requirements:
In any case, my issue is the multi-homing one, running 3 "sites”, but two of them are connected via dual-FTTH connections where the ISPs assign me my prefixes. So even if I get my own range, I can't use it on my providers' networks.
=> More informations about this toot | More toots from erik@infrageeks.social
@erik Yeah, that still kind of sucks, in terms of sorting it properly. As far as I can tell there's still no actual solution to this that doesn’t do some sort of address translation.
Did find this RFC, though;
https://datatracker.ietf.org/doc/rfc8678/
=> More informations about this toot | More toots from sindarina@ngmx.com
@sindarina Puts on reading glasses… (thanks for the link!)
=> More informations about this toot | More toots from erik@infrageeks.social
@erik It also links to this RFC, which has apparently been 'experimental' for well over a decade now, sigh.
https://datatracker.ietf.org/doc/rfc6296/
=> More informations about this toot | More toots from sindarina@ngmx.com
@sindarina And NPTv6/NAT66 isn't supported on RouterOS anyway. That one I've already delved into enough to know it's a dead end. It looks like I’m going to have to abuse ULA addressing for internal address assignment and for anything inbound go through a cloud hosted static proxy with a pinned VPN connection. Bleah.
Personally, I think that the impossibility for beginners/homelabbers/SMBs to tinker with IPv6 in any meaningful way is one of the major reasons it's not getting the uptake in smaller environments. IPv4 tooling with NAT remains accessible to anyone as long as you don’t get pushed behind CGNAT
=> More informations about this toot | More toots from erik@infrageeks.social
@erik It's quite possible to tinker with IPv6, you just need to stay away from multi-homing 😜
Also, ISPs who still don't support it, and ISPs who rotate your assigned prefix every time your modem reboots, etcetera, etcetera.
It's kind of wild, if you think about it; I have had IPv6 for at least 20 years, at this point, and yet here we are, still dealing with IPv4 brain 🙄
Oh, and speaking of RouterOS; I discovered this weekend that its internal ‘ping' command can ping IPv6 addresses, but not IPv6-only hostnames.
=> More informations about this toot | More toots from sindarina@ngmx.com
@erik Having a cloud 'branch office' works quite well, by the way. Also allows for a secondary site in Active Directory forests, for example, and also works great if you want to send all road warrior traffic over VPN, but the main office bandwidth is limited.
Have been doing this for a client for years, where we are now also running into the multi-homed IPv6 as a blocker for rollout 😄
=> More informations about this toot | More toots from sindarina@ngmx.com
@sindarina Yep - I’ve already got a small machine playing that role right now, so that’s the logical way to go. I’m going to look into extending my Zerotier setup to include the IPv6 stuff since you can do L2 over it as well (I know serious network folks frown on extending L2, but this might make my life simpler)
Ouch on multi-homed IPv6.
=> More informations about this toot | More toots from erik@infrageeks.social
@erik The IPv6 rollout remains a dream anyway, as nobody wants to fund the hours involved.
The internet works? Why would we need to add more internet?
=> More informations about this toot | More toots from sindarina@ngmx.com This content has been proxied by September (ba2dc).Proxy Information
text/gemini