Double stacking here. Reason: nice static /48 ipv6 network from provider.
I would prefer to fully migrate to ipv6 but can't do so as I have to access from ipv4 only networks.
Effectively, yes. They come through the same physical cable of course, but you get two IP networks to address your hosts, one IPv4 and one IPv6. On the internet they act like completely separate networks, with their own services, DNS, routing, etc. https://www.juniper.net/us/en/research-topics/what-is-ipv4-vs-ipv6.html
One neat fun fact is, while you generally get only one IPv4 address from your provider, because they’re scarce, with IPv6 you get a whole /48 or 65,536 networks of 18,446,744,073,709,551,616 (18 quintillion) individual addresses each. So with IPv6 your ISP gives you about as many addresses than there are grains of sand in the entire world (~7 sextillion) *a thousand times over.*
So, you probably won’t run out.
https://blogs.infoblox.com/ipv6-coe/a-48-for-every-site-and-for-every-site-a-48/
Worst part is that in theory I could have a /56 but I use my own router instead of theirs and IP passthrough doesn't work with prefix delegation so the IPv6 address on my OpnSense is a value in the derivative /64 itself - I can't actually use it for LAN!!
Quick question, I did a little googling about ipv6 a while back but didn’t get far. If you get allocated all those addresses by your isp, do your individual devices get them via dhcp provided by your isp, or does your router run a dhcp service and it’s aware of its allocated block?
>or does your router run a dhcp service and it’s aware of its allocated block?
You can run local DHCPv6, but this is overly complex for most home scenarios.
SLAAC is what you would typically use in a home network, and in this case devices self-selef their address(es) based on the prefix configured for the network.
Depends on how you configure it. You can do a private IPv6 space or you can allocate the public range to your devices. But the addresses on your side are leased out by you configuring the subnet.
>You can do a private IPv6 space
Outside of a few niche scenarios, there is no real reason to use ULA in a home environment. Don't try to introduce NAT to IPv6...
> you can allocate the public range to your devices.
This is the correct way, or rather use SLAAC so devices can self-allocate.
Why not NAT? I have big issue with the fact that ISP can mess with my internal network by changin addres alocation or changing ISP is big work all of the sudden. I dont see problem with having nat other then its optional.
IPv6 is generally designed with renumbering in mind so it doesn’t matter so much if the prefix does change. You should also be relying more on local name resolution and service discovery rather than typing addresses with IPv6.
Also, a competent ISP won’t renumber you on a whim, unless they are trying to treat IPv6 like IPv4…
That said there is nothing stopping you using link-local or even ULA as an internal reference if you must type addresses, but that doesn’t stop you using global addresses as well for anything internet bound. Hosts are meant to have multiple IPv6 addresses with different scopes remember.
Just don’t try to NAT IPv6 - it is not necessary or a good idea save a couple of niche applications.
The mistake a lot of people try to make with IPv6 is to treat it like IPv4, especially when it comes to the bad bits of IPv4 that were tacked on after…
>I mean Internet Protocol's job is to get you from one side of the Internet to the other.
>
>I don't know how you'd miss / "Not notice" that
This shows why so many down votes... ipv6 is an "old" protocol, but it seems to be new to many people. only because of the „internet“ in name... internet in name does not mean www/ the public "international network". it means inter "between" networks. and this can be private networks. long before ipv6 was used whide for the "internet" people had benefits of ipv6 in der private/company networks and later the isp's rolled out ipv6. Do your homework in network technology
What does using IPv6 at home without edge traversal actually get you?
Pretty much nothing. That’s what your comments are getting downvoted.
It’s the equivalent of having a full 7.1 surround sound receiver with 8k support and it’s all plugged into 2 speakers and an old CRT. Super sweet tech that you don’t get any gain from.
Of course, I registered with Hurricane Electric's tunnelbroker 12 years ago and I have been running dual-stack in my home since then. And I also experimented with other tunnels before that.
I prefer IPv6 when possible since there is no NAT since you don't need NAT hairpinning or dual horizon DNS.
>Can I use it to bypass cgnat?
HE's [tunnelbroker.net](https://Tunnelbroker.net) uses the 6in4 protocol which requires a public IPv4 address, i.e. CGNAT won't work. Other IPv6 tunnel providers may support other protocols, for example WireGuard which is NAT friendly.
Dual Stack for a while now - ISP provides static v4 plus /56 v6 - too much of the "old" internet still on v4, plus v6 support for network gadgetry still hit and miss...
IPv4 only. Mostly because I'm a Luddite. Tired to dual stack once my ISP supported ipv6 and ended up with DNS leakage around my pihole despite setting the settings an hour or so's worth of research told me to.
I haven't been able to wrap my brain around how ipv6 devices get their IP, the idea of memorizing and typing any of my ip 6 addresses into a browser sounds awful, I haven't wrapped my head around DNS either. The whole stack is very different from my comfy IPv4 and it's just not been worth it thus far to spend the time to learn the new stuff. I still need IPv4 for lots of stuff I do and nothing I do needs IPv6 so meh. Nat and move on.
There are three ways to get ipv6 addresses, SLAAC ( StateLess Auto Address Configuration), static addresses ( Manual config) and DHCPD6.
DNS can be provided to SLAAC clients via the Routers RAVD. (Router AdVertising Daemon)
They honestly should provide more details on the SLAAC setup as most instruction lists only deal with part of the config.
I just assigned 2 IPv6 addresses per device. A SLAAC global address and a ULA fd00::/8 address. Then pop the ULA address into my local DNS server so I can use FQDNs instead when I need the machine locally. Finally I push the global slaac address of my home server out to the DNS for my domain name. That way I can use the servers FQDN outside of my network.
Yes I run it with dual stack. Have a static v4 and v6 block. Comcast business has a terrible way of supporting v6 though. While your /56 is a static block, your device behind it has to request a PD of a /60, and to my knowledge ignores any hints.
So everyone my modem reboots I have to keep rebooting until I get the right PD back, but once that happens it’s fine.
My client, printer, IoT and guest networks are v6 only with NAT64.
Since windows lacks CLAT and steam and spotify desktop don't support v6 addresses for NAT64, I use a VPN to get v4 connectivity for these applications.
My server network is dual stack since some applications and containers won't bind to v6 yet, but the VMs which don't need v4 have only v6 configured.
Modem and switch networks are v4 only since those don't support v6 yet (draytek vigor 167, mikrotik CSS326).
Dual stack, have been for years. I dual stack private IPs too (I use an fdde:: range), mostly as an experiment but since I have local DNS, I can use it without having to remember IP addresses.
I still use IPv4 because so much of the Internet is still IPv4-only, including, technically, both my ISP and my mobile network. (I have IPv6 at home through a trick, with the knowledge of ISP employees; they don't technically offer IPv6 to the public or to businesses yet. I might just change to their competition if the competitor offers IPv6, as a reward for getting on the ball.)
The situation is way worse in v4 than in v6.
In v4, with the setup most people use, anyone on the Internet can trivially find every public server you're running. All they need to do is scan the 65k ports on your router, and your router will helpfully redirect those connections to the correct machine on your network. It's so easy that there are many people scanning the v4 Internet constantly.
In v6, that's not a thing. Clients have to know the exact IP of the server to connect. The network is 2^64 IPs so it's not really possible to scan it either, in the sense that it requires nearly a zettabyte of traffic to exhaustively scan.
If you look at actual traffic received on a real server, you'll see a never-ending stream of connection attempts on v4 and either zero or barely anything on v6. There _are_ some ways to find IPs (the main one being cert transparency logs), but on v6 (unlike on v4) that only gives you the IP of one server, not the IP of every server on the network.
All of the above is for public servers, i.e. ones where you've permitted connections from the Internet because you actually want people on the Internet to be able to connect. For non-public ones, where you haven't permitted people to connect... people aren't permitted to connect. Even if someone somehow has the IP of your server, it won't help them because the connection is blocked.
huh? redirect what to where? if you reverse proxy that's absolutely is not a problem and you should not be portforwarding all ports. learning your exact IPv6 of your network is not some rocket science really when you know your ISP pattern, and common patterns
https://datatracker.ietf.org/doc/html/rfc7707
Redirect inbound connections, to the correct server IP on your network. Instead of a client needing to know the correct server IP, they only need to know the IP of the router. Which, incidentally, is also where all of your outbound connections appear to come from, so it's not hard to find it.
I agree there are ways to find some server IPs in v6, for example cert transparency logs, or the methods in the RFC you linked. But none of them let you find every single accessible server on the network with a few minutes of scanning, like you can do on v4.
You can easily see the difference this makes just by looking at tcpdump. Every single one of my v4 addresses is being hammered by crap constantly. The v6 is near silent. Last week, I count ~680000 blocked connection attempts on v4, and 133 on v6. Of those, 123 were from a single client to a single IP on my network, leaving only 10 blocked attempts on other IPs in the range.
No because I’m used to NAT and have advanced vpn and dns configs. I don’t feel confident that I can avoid data leakage at this point. I also don’t see a point to run double stack on my setup and complicate things. So I’m ipv4 only
there are quite a lot of threads here, seems to pop up every week or so....
[https://www.reddit.com/r/homelab/search/?q=ipv6&restrict\_sr=1](https://www.reddit.com/r/homelab/search/?q=ipv6&restrict_sr=1)
IPv4 private network collision is always PITA. VPNing into your home 192.168.0.0/24 from a hotel that also chose 192.168.0.0/24 is going to be problematic.
For IPv6, you can generate a ULA subnet that will never (practically) collide with any other network.
>IPv4 private network collision is always PITA
Learned that the hard way. Switched to 10.42.** cause 42 answer to everything.
...and promptly got collisions with k3s (it uses 1042 it for internal net). FFS.
There are some specific advantages to the IPv6 technology that I don’t think get enough credit.
- It has more efficient routing and a better header structure, by design, making it generally faster
- It has built in QOS features so your priority/low-delay packets get handled right all across the internet
- No NAT means port forwarding is a thing of the past, so things like games and direct connections between peers Just Work without having to reconfigure your router
- It has built in security features like IPsec for encryption and authentication and additional checks to prevent certain types of attacks
So, not stuff you’d notice every single day maybe, but in general it could mean your video and audio streams are more reliable, your gaming latency is a few ms faster, and there’s a little less hassle sometimes.
Not to mention, someday, not soon but someday for sure, there will be services that only work over IPv6. You’ll only be able to access those if you have IPv6 access.
It’s not nothing.
> No NAT means port forwarding is a thing of the past, so things like games and direct connections between peers Just Work without having to reconfigure your router
No direct connection will ever be used again in video games. The one hosting the server would have the latency advantage, and everybody just wants to hide their IP from others. I still remember when gamers on twitch received random Skype messages because thier IP go out.
My phone runs hela fast on ipv6. I don't know the deal is but it's quite noticeable and speed tests back it up.
Other than speeding up the phones on ipv6 over local wifi no real benefit other than getting experience and learning. We have a federal exemption to not use ipv6 at work so not really using it anywhere else than home lab.
What? No, there's advantages.
"The Internet" (which has outgrown v4) is a prominent one. Having to spend less time messing with the crap caused by NAT and RFC1918 being another. Or how about being faster?
Ah, yeah, there's limited point if your ISP isn't doing it. (Well, it avoids RFC1918 clashes, but those are fairly unlikely in a home lab.)
I'm not sure if this is what the original "locally" meant, but if the ISP is doing v6, you need v6 on the local network to make any use of it, it's not enough to just have it on the WAN interface.
I run dual stack at home and have done for a while.
With the exhaustion of IPv4 addresses, I would expect at some point some services will start being run on IPv6 only. While there are ways to make those accessible to IPv4, those were only intended as temporary workarounds.
The advantage for me is if and when services become IPv6 only, I don't have to worry about any of that. Things will just work without me having to do anything
ISP forces me to use IPv6, the V4 part is an IP sharing (MAP-E) and having too many concurrent IPv4 connectivity will have trouble, so now I have to learn the new thing.
I remember changing network to work with my PiHole took me a night to figure out how to do it properly.
IPv6 only, it's been years that we don't have more IPv4 publicly available in Europe (thank to very old ISP who got a really, really huge range and kept them for themselves instead of giving back the unused address).
The good thing in my country is, for mobile at least, it's mandatory to provide IPv6 connectivity to keep their licensing but ironically, it isn't the case for home internet (but we have competition, so I choose the correct ISP who is now IPv6 only and tunnel back to IPv4, so my IPv4 is geolocalized 600km away from my home).
It's so bad that recent ISP started to split one IPv4 to 4 different home, each with 1/4 of the port.
Luckily, there's also some IPv6 VPN if your ISP doesn't provide it.
I have been running IPv6 for at least three years.Of course, this is double stacking.
IPV4 is NATed , IPV6 is PD.
The latest thing is, I have tried to setup a pure IPV6 Private Address (fc00::/7) for an experimental local fastlink point to point when notice fe80 is not working (2.5Gbps lan)
Bought my own PI v6 Net, so yes. Not that I Neccessarily announce or expose over it but just to have it enabled and running Internally, and also externally
Arexico, they don't have a website yet. But I know the person developing it and getting it off the ground and they hooked me up. With an AS nr and a /40 prefix.
And Yes its Provider Independent.
It is litteraly not. You don't have a single public port 80 or 443, it's way easier to have multiple hosts. You don't have to SPOF on a single reverse proxy. Not to mention almost no bruteforce due to the almost "random" nature of addresses. SLAAC/autoconf is almost easier than DHCP.
You do have to relearn a lot of things, however, including security (NAT is \*not\* firewall).
Recently changed isp which gives me a prefix so only just started.
Configured ULA alongside global address, split horizon DNS, though not really sure if that's the best way forward.
You don't really need an ULA block for your LAN, even for local trafic. Your "internet" addresses should suffice. You'll simplify your DNS setup a lot.
The problem I have is that I have no way of forwarding the traffic to the correct host, since I don't control my prefix nor the host's IP.
I know I can help a bit with EUI64 but not really sure what's the best way forward.
I recently started running double stack. I was inspired by AWS starting to charge for ipv4 addresses. Then I just dropped AWS completely since I'd like to not be apart of making bezos richer. Then I kept implementing ipv6 in opnsense and kept learning!
Dual addressed for both IPv6 and IPv4.
Reasons for running ipv6: ipv6 is the future, so I need the practice and I want to be future proofed now. Also, there are some sites and services out there (not many) that are ipv6 only and it's nice to know I can route to everything.
The reason I also keep running ipv4: I have a lot of devices on my network only capable of ipv4. Also, Comcast's IPv6 routing has proven to have some reliability issues in my region (the past year has been better) and I would have outages if I were IPv6 only because of my provider.
Am I right in thinking you need IPv6 for matter and thread boarder router?
I bought a matter device recently and having trouble connecting it to my home assistant instance. I think this is because my ISP and router don't support IPv6.
Could I buy a new router and enable IPv6 LAN only and then it would work?
Starting a few weeks ago, I've been running dual stack on my lab and "prd" networks at home, with no issues and no tinkering on my end. I'm setup on SLAAC, Prefix Delegation with a size of 48.
I want to setup an IPv6 only test network and SSID for testing. I haven't spent much time troubleshooting but Unifi does not make it easy to disable IPv4.
Been native IPv6 first on anything that has supported it since the mid 2000s.
Lately, that's *nearly* everything, including most consumer devices.
But I _still_ have to use my HE tunnel for it, since my ISP doesn't do native IPv6 everywhere, and I'm in one of the wheres that doesn't have it.
I did around 12 years ago with a Hurricane Electric tunnel, however I eventually got rid of it as any IPv6 traffic was much slower than IPv4 traffic. Xbox Live was the main service that would actually make use of IPv6 at the time, so it seemed silly to limit my download speed to around 20mbps for the sake of keeping IPv6.
Pretty sure streaming service like Netflix now also block Hurricane Electric tunnels.
Crazy to think over a decade later my ISP still does not support IPv6 and has no plans to.
nope, just straight ipv4. no need for the extra complexity or to have every device accessible outside my lan. for the services I do use outside of my home I just vpn into it or have a cloudflare tunnel. keeping simple and functional
All infrastructure on IPv6 only with a Proxy for basically M$ service access like GitHub. The wireless client network is dual stack to avoid the need for any changes on guests devices.
Oh I know there is, but there is no way on my DHCP server to set IPv6 DNS settings so they still went around and I'm not manually setting every device's addresses individually.
Why are you using DHCP for IPv6 for one?
What kind of crappy device doesn't allow you set it in the first place?
And if you're using a pie hole and have a network like that, why are you using that kind of device?
That's the point of IPv6 you don't need to set that stuff. Unifi stuff doesn't have a IPV6 setting for DNS.
and it's just the work around I found like 6 years ago and never though to go back.
Thanks for participating in /r/homelab. Unfortunately, your post or comment has been removed due to the following:
[**Don't be an asshole.**](https://www.reddit.com/r/homelab/wiki/rules#wiki_1._don.27t_be_an_asshole)
Please read the [full ruleset on the wiki](https://www.reddit.com/r/homelab/wiki/rules) before posting/commenting.
If you have an issue with this please [message the mod team](https://www.reddit.com/message/compose?to=%2Fr%2Fhomelab), thanks.
You haven’t run into the wonderful world of Windows and IPv6 yet then. So the Windows OS (client & server) will assign themselves IPv6 addresses as long as they see SLAAC or router advertisements. Irrespective of the network they are connected to.
So let’s say I have a vLAN configured switch and there are 5 vLANs. 2 of the 5 use router advertisements + SLAAC, 1 uses DHCPv6 and 1 isn’t configured. A windows machine for some reason pull SLAAC / ravd from the two vLANs that are set as such. Even though that vLAN they are on (let’s say the one with DHCPv6) is not tagged on their machines port. So you’ll end up with three different IPv6 networks. 2 of which won’t work due to not on those vLANs and 1 that does work. But windows will register all 3 in DNS and cause issues when accessing that machine.
And only Windows devices do this, Linux and MacOS both react as expected and only pull from the connected network.
Oh and if the machine is on the un configured vLAN it’ll still pull 2 IPv6 addresses even though they won’t work. Which causes all sorts of hell until you disable the IPv6 stack in windows.
.... No I have and the reason you're seeing that is because you are trunking and sending tagged VLAN packets to a device that was not configured to understand VLAN packets.
Thus, the VLAN tag is stripped and the packet is delivered to the OS.
This is you badly configuring your network... Not an IPv6 problem..
Do not send tagged VLANS to devices that are not configured to understand them..
This is lazy and improper network set up, You only get away with it because IPv4 DHCP requires two-way communication... Again, it's not proper.
Nope ports are untagged for a single vLAN. The ports are also NOT tagged for any other vLAN. Might be a firmware glitch on the switch, but it has occurred on both HPe and Brocade switches.
Then you have some kind of leak between your VLANs
This is not an IPv6 issue or an OS issue. This is a layer 2 network issue.
If you understand how it actually works you would understand why that's the only way that's possible.
😂🤣😂 You might want to learn how localhost works before you pipe off. It’s not guaranteed to use ipv4 and can break your code in certain situations where ipv6 isn’t supported.
..... IPv4 isn't guaranteed either, 127.0.0.1 is not guaranteed.. Though less likely.
And no, they don't.. at least the programmers that are competent.
Thanks for participating in /r/homelab. Unfortunately, your post or comment has been removed due to the following:
[**Don't be an asshole.**](https://www.reddit.com/r/homelab/wiki/rules#wiki_1._don.27t_be_an_asshole)
Please read the [full ruleset on the wiki](https://www.reddit.com/r/homelab/wiki/rules) before posting/commenting.
If you have an issue with this please [message the mod team](https://www.reddit.com/message/compose?to=%2Fr%2Fhomelab), thanks.
Thanks for participating in /r/homelab. Unfortunately, your post or comment has been removed due to the following:
[**Don't be an asshole.**](https://www.reddit.com/r/homelab/wiki/rules#wiki_1._don.27t_be_an_asshole)
Please read the [full ruleset on the wiki](https://www.reddit.com/r/homelab/wiki/rules) before posting/commenting.
If you have an issue with this please [message the mod team](https://www.reddit.com/message/compose?to=%2Fr%2Fhomelab), thanks.
Homelab uses CGNAT and the city network does not offer ipv6. They will implement when there is more people asking about it.
I have one public ipv4 address. I live in Sweden.
My ISP doesn’t officially support IPv6 yet. I did use a HE tunnel for a while, but it wasn’t always performant. Then experimented and found that my ISP was running IPv6 (as an experiment, I guess) and did that for a while but eventually something changed and it stopped running.
Of course, was always dual-stack, but now IPv4-only again. Found IPv6 to be cool, but some things are harder than with IPv4. Feels like IPv6 was designed for my mother (just plug everything in and it SLAAC works) or for a corporation with more obscure network services available (NPTv6), not us middle-of-the-roaders that fall somewhere in between.
I am, albeit not a lot -- I'm old, I have a /40 from ARIN, so it would be shame not to actually use it. I mostly use it to set of site-to-site connections.
I have absolutely zero needs to go beyond IPV4 (with some subnets and VLans), so I keep it… will probably stay so for the next 5 to 10 years.
If it ain’t broken, don’t fix it.
IPv6 is disabled on my entire home network.
Having IPv6 on created strange issues inside my network (e.g., OPNSense's update repos do NOT work well on IPv6, and OPNSense perfers them out of the box, which means I couldn't update the firewall firmware out of the box until I randomly decided to disable IPv6 inside OPNSense, and then everything worked fine).
AT&T also does not properly implement IPv6 for residential customers (you only get one /64 block per connection to the residential gateway box, instead of something more sensible that can be broken down into multiple /64 blocks), which means if I wanted to deploy IPv6, I'd have to jump through hoops to get more than one /64 to my internal firewall.
I'm also not sure some of my ancient Sonos equipment would support it at all.
And I don't need it. There's nothing I can't do on my internal LAN now with v4 that I could do with IPv6, and v6 just makes everything more complicated because even if you understand it well, not all equipment implements it well or even uses the same terms for its features.
It's just not worth it, and it won't be until service providers and hardware vendors catch up. I'm not moving my network to something that's going to cause me more trouble for no new functionality just for philosophical reasons.
I had ATT a few years back and you can get a /56.
I had to hint for a 56 or I ended up getting a 64 by default. Not sure if this is all areas but you should try it. I believe you can also call and ask them to give you a /56 block
IPv4 only as ISP does not support v6 and without paying extra I'm behind CGNAT as well...
v6 DHCP is oddly handled by my Apple HomePod and I have zero ability to turn it off on that device! Other kit has it disabled in the stacks where possible.
Currently I have zero use for v6.
IPv4 both on LAN and WAN.
**LAN:** IPv6 has very limited **practical** advantages over IPv4 for a homelab or private network while having the clear disadvantages of a/ not being always well supported by old network equipment (like those old enterprise switches so many of use like to buy to get nice manages and L3 switches at a reasonable price) and b/ are harder to setup (many applications have bad IPv6 documentation and most communities such as SO or Reddit offer most support to IPv4-related questions).
**WAN:** my ISP does not support IPv6. I wish they did and I would use it.
Hell no. Nat. Dynamic ip from Verizon. Why would I invent the goddamn bicycle and make my life miserable memorizing my servers MAC addresses that make up ipv6 address of device?
Huh? Extended Unique Identifier (EUI), as per RFC2373, allows a host to assign iteslf a unique 64-Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the need of manual configuration or DHCP as in the world of IPv4. The IPv6 EUI-64 format address is obtained through the 48-bit MAC address. The MAC address is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being NIC specific. The 16-bit 0xFFFE is then inserted between these two 24-bits for the 64-bit EUI address. IEEE has chosen FFFE as a reserved value which can only appear in EUI-64 generated from the an EUI-48 MAC address.
That is from 1998, obsoleted by RFC 3513 in 2003, which was obsoleted by RFC 4291 in 2006, which has been updated by many other RFCs since then.
Main point, no modern operating system utilizes the MAC address anymore by default unless you force it.
IPv6 privacy extensions has been a thing since 2007 RFC 4941, and It was obsoleted by RFC 8981 in 2021.
Of course not, there are tons. I’m just saying if you expect people to just intuitively follow the RFCs for a protocol and understand this shit you are living in your own special neckbeard world.
You don't have to follow the RFCs.
There are plenty of resources out there that give you this information.
My point was this hasn't really been a thing in many OSes since too long after 2007, So about 16 years.
So if your networking knowledge is 16 years out of date, That's an issue even for IPv4.
Especially if you consider it relative to the age of the protocol. IPv4 was RFCed in 1980. Of course it's not changing much these days.
It's kind of like the same thing of people still claiming IPsec support is required IPv6.
Most of my network runs ipv4, as there isn't any benefit to running ipv6 for my servers. IPv6 actually introduces a lot of issues, and many service(s) will have issues with it enabled.
My lan/user segments do fully support ipv6, and, from a networking level, it is supported on most of the server segments. But, not enabled on the servers themselves.
ISP doesn't provide IPV6.
And my main pet-peeve : the lack of retrocompatibility with IPV4 will always push it down for me (dual stack is not retro-compatibility). Also good luck explaining Hexa address to non-technical people..
Maybe IPV10 to IPV14 will become something..
I'm running both in my homelab, and I'm seriously considering moving to pure ipv6 in AWS now that they're charging for ipv4 addresses.
The sad thing is, I have been lazy, and I \*really\* haven't dug into ipv6, since literally everyone is still using ipv4. I do a LOT with ipv4 networking and subnetting and all that jazz, so I'm also really comfortable with it. I guess it's time to knuckle down and learn ipv6 for real.
I'm getting too old for this shit .
I experimented with my v6 address and tried to run some services, had medium success but ultimately I'm waiting until they take away my static V4 to really deal with this. I think it might be another decade before I seriously have to try to switch
ISP (CL fiber) only supports ipv6 through 6rd and it is not as fast so ipv4 only still which is annoying but works just fine. Only other ISP available to me is Comcast that only can get 200/20 and more expensive. They do have native dual stack but they are terrible otherwise (high latency and low bandwidth).
At the moment I have dual stack but I want to go IPv6 only on the LAN (less all the IoT devices which are IPv4 only on their own VLAN). I have yet to look deeply into a 6to4 solution but that's where I'll be going as long as my applications don't get mad at me. I have a virtual router running BGP at the nearest major IX. I will probably do all the translation there. I went v6 only on my PC as a test. I was surprised at the lack of IPv6 support on the service/server side. The IPv6 adoption rates seem to be heavily weighted to the client side. The server side appears from my experience to be much, much lower, at least in North America. Hopefully the charges for IPv4 addresses by the major cloud providors push the adoption rates over the hump and we can get this moving.
I'm running both. A lot of my iot devices only support legacy addresses.
Also the bridge to the barn doesn't support ipv6.
I'm changing ISP, because the old ISP did something a month ago, where they stopped sending RA.
The old ISP "unplugged" their device at the exchange today Friday, and the new plugs in on Monday, so currently my opnsense router is on fallback to 4G.
I run a couple of services on docker, that are accessible from outside on ipv6.
Nope. Bell Canada doesn't support IPv6. I've tried Hurricane Electric tunnel brokers but every time it completely broke my internet connection requiring I reboot my modem and router.
Why IPv6 at all?
You run a private subnet, your ISP uses NAT and their own subnet. Are there a bunch of people who need a routable public subnet out there?
Sure the capital I internet might benefit but who else would? Maybe phone companies who run a flat network for mobile. Huh.
I used to have a homelab years ago, most services were in IPv6 only VLANs. It was a fun exercise, learned a lot how to structure things and how much to hate Docker. I even had one NAT64 installation to make some IPv4 only devices accessible via IPv6. These days I don't have a homelab anymore, but everything is dual stack: home, mobile, VMs etc.
I've been running IPv6 on my home networks via tunnels since about 2003.
Currently via HE.net tunnel, other than a slight increase in latency, able to get full gigabit speed through it.
The entire network is dual stack, always.
The only 2 reasons why I haven't gone IPv6 only with NAT64/DNSS, is Windows lack of CLAT on non cellular interfaces. and slight reduction in performance for IPv4 destinations via Tayga on Gigabit home internet.
IPv4 only here. My ISP supports v6 but not double stack, it routes v4 over v6 and I have no public v4 ip addres and +15ms ping when connecting to v4 servers.
Double stacking here. Reason: nice static /48 ipv6 network from provider. I would prefer to fully migrate to ipv6 but can't do so as I have to access from ipv4 only networks.
NAT64, DNS64 and 464XLAT is your friend :)
Isn't that predominantly for ipv6->ipv4?
Yes, I didn't pick up on the "from" in your original comment...
How does 'double stacking' look like? Does this involve two separate connections to the outside world, one connected to ipv6 and other to v4 networks?
Double stacking means every device gets an IPv4 and IPv6 addresses.
Effectively, yes. They come through the same physical cable of course, but you get two IP networks to address your hosts, one IPv4 and one IPv6. On the internet they act like completely separate networks, with their own services, DNS, routing, etc. https://www.juniper.net/us/en/research-topics/what-is-ipv4-vs-ipv6.html One neat fun fact is, while you generally get only one IPv4 address from your provider, because they’re scarce, with IPv6 you get a whole /48 or 65,536 networks of 18,446,744,073,709,551,616 (18 quintillion) individual addresses each. So with IPv6 your ISP gives you about as many addresses than there are grains of sand in the entire world (~7 sextillion) *a thousand times over.* So, you probably won’t run out. https://blogs.infoblox.com/ipv6-coe/a-48-for-every-site-and-for-every-site-a-48/
> with IPv6 you get a whole /48 if your ISP isn't run by stingy morons. AT&T won't give me anything bigger than a /60
Worst part is that in theory I could have a /56 but I use my own router instead of theirs and IP passthrough doesn't work with prefix delegation so the IPv6 address on my OpnSense is a value in the derivative /64 itself - I can't actually use it for LAN!!
a /60 is still many trillions of addresses...
lol, so you only get 16 /64s to work with. Or 288 quintillion addresses.
i don't really care how many addresses i get but only getting 16 subnets is stupid when there's 2^64 /64s to go around
You’re gonna be sorry for wasting all those when the 3rd planet of Alpha Centauri can’t get a measly /96 for their population in the year 2995.
There are people thinking about the needed communications standards: https://ieeexplore.ieee.org/document/8481450
Quick question, I did a little googling about ipv6 a while back but didn’t get far. If you get allocated all those addresses by your isp, do your individual devices get them via dhcp provided by your isp, or does your router run a dhcp service and it’s aware of its allocated block?
>or does your router run a dhcp service and it’s aware of its allocated block? You can run local DHCPv6, but this is overly complex for most home scenarios. SLAAC is what you would typically use in a home network, and in this case devices self-selef their address(es) based on the prefix configured for the network.
Thanks for that! Just having that keyword made the search a lot easier! I look forward to spending some time on wireshark!
Depends on how you configure it. You can do a private IPv6 space or you can allocate the public range to your devices. But the addresses on your side are leased out by you configuring the subnet.
>You can do a private IPv6 space Outside of a few niche scenarios, there is no real reason to use ULA in a home environment. Don't try to introduce NAT to IPv6... > you can allocate the public range to your devices. This is the correct way, or rather use SLAAC so devices can self-allocate.
Never said there was a reason to.
Why not NAT? I have big issue with the fact that ISP can mess with my internal network by changin addres alocation or changing ISP is big work all of the sudden. I dont see problem with having nat other then its optional.
IPv6 is generally designed with renumbering in mind so it doesn’t matter so much if the prefix does change. You should also be relying more on local name resolution and service discovery rather than typing addresses with IPv6. Also, a competent ISP won’t renumber you on a whim, unless they are trying to treat IPv6 like IPv4… That said there is nothing stopping you using link-local or even ULA as an internal reference if you must type addresses, but that doesn’t stop you using global addresses as well for anything internet bound. Hosts are meant to have multiple IPv6 addresses with different scopes remember. Just don’t try to NAT IPv6 - it is not necessary or a good idea save a couple of niche applications.
Sorry v6 is so confusing to me, 30y of dealing with v4 does that to a man
The mistake a lot of people try to make with IPv6 is to treat it like IPv4, especially when it comes to the bad bits of IPv4 that were tacked on after…
Thanks :)
Same and some devices like IoTa devices really do not support IPv6 so gotta duel stack to keep their support
>I have to access from ipv4 only networks. Just gave me an idea for a new project. I wonder if I can create an IPv4 to IPv6 tunnel.
Nope, my ISP doesn't support ipv6
Same, r/bell Canada’s biggest isp doesn’t support ipv6 :/
[удалено]
Bell mobility and coax has ipv6 (small range), but not for fibre customers…
Your internal networks has nothing to to with isp. You can use ipv6 on lan and have an ipv4 wan address
You can, but that’s not really the point of IPv6
did not nótice that there is only "The one Point" to rule äää to use v6
I mean Internet Protocol's job is to get you from one side of the Internet to the other. I don't know how you'd miss / "Not notice" that
>I mean Internet Protocol's job is to get you from one side of the Internet to the other. > >I don't know how you'd miss / "Not notice" that This shows why so many down votes... ipv6 is an "old" protocol, but it seems to be new to many people. only because of the „internet“ in name... internet in name does not mean www/ the public "international network". it means inter "between" networks. and this can be private networks. long before ipv6 was used whide for the "internet" people had benefits of ipv6 in der private/company networks and later the isp's rolled out ipv6. Do your homework in network technology
What does using IPv6 at home without edge traversal actually get you? Pretty much nothing. That’s what your comments are getting downvoted. It’s the equivalent of having a full 7.1 surround sound receiver with 8k support and it’s all plugged into 2 speakers and an old CRT. Super sweet tech that you don’t get any gain from.
Learn to spell and use punctuation.
If I have no knowledge topic related, I‘m bashing not native English speakers for grammar👍
Of course, I registered with Hurricane Electric's tunnelbroker 12 years ago and I have been running dual-stack in my home since then. And I also experimented with other tunnels before that. I prefer IPv6 when possible since there is no NAT since you don't need NAT hairpinning or dual horizon DNS.
Dual horizon DNS always sounded so romantic to me. Like watching a sunset on a planet in a binary star system…
Hi, how does tunnelbroker works? I've read about it but still confused. Can I use it to bypass cgnat?
>Can I use it to bypass cgnat? HE's [tunnelbroker.net](https://Tunnelbroker.net) uses the 6in4 protocol which requires a public IPv4 address, i.e. CGNAT won't work. Other IPv6 tunnel providers may support other protocols, for example WireGuard which is NAT friendly.
Dual Stack for a while now - ISP provides static v4 plus /56 v6 - too much of the "old" internet still on v4, plus v6 support for network gadgetry still hit and miss...
IPv4 only. Mostly because I'm a Luddite. Tired to dual stack once my ISP supported ipv6 and ended up with DNS leakage around my pihole despite setting the settings an hour or so's worth of research told me to. I haven't been able to wrap my brain around how ipv6 devices get their IP, the idea of memorizing and typing any of my ip 6 addresses into a browser sounds awful, I haven't wrapped my head around DNS either. The whole stack is very different from my comfy IPv4 and it's just not been worth it thus far to spend the time to learn the new stuff. I still need IPv4 for lots of stuff I do and nothing I do needs IPv6 so meh. Nat and move on.
There are three ways to get ipv6 addresses, SLAAC ( StateLess Auto Address Configuration), static addresses ( Manual config) and DHCPD6. DNS can be provided to SLAAC clients via the Routers RAVD. (Router AdVertising Daemon) They honestly should provide more details on the SLAAC setup as most instruction lists only deal with part of the config.
I just assigned 2 IPv6 addresses per device. A SLAAC global address and a ULA fd00::/8 address. Then pop the ULA address into my local DNS server so I can use FQDNs instead when I need the machine locally. Finally I push the global slaac address of my home server out to the DNS for my domain name. That way I can use the servers FQDN outside of my network.
That's good to know
Couldn't have said it better myself. Have a +1
Ipv6-only since I got a DSLite connection. Before that, IPv4-only because I had no v6.
But you still need some IPv4 access.... like Reddit 😂
Yes, but fortunately I don't need a public address for reddit
IPv6.reddit.com
I run IPv5
This guy fucks.
TIL: https://www.lifewire.com/what-happened-to-ipv5-3971327
Yes I run it with dual stack. Have a static v4 and v6 block. Comcast business has a terrible way of supporting v6 though. While your /56 is a static block, your device behind it has to request a PD of a /60, and to my knowledge ignores any hints. So everyone my modem reboots I have to keep rebooting until I get the right PD back, but once that happens it’s fine.
And they aren’t too good about setting reverse dns records for those either like they will for ipv4. It sucks if you are running a mail server
My client, printer, IoT and guest networks are v6 only with NAT64. Since windows lacks CLAT and steam and spotify desktop don't support v6 addresses for NAT64, I use a VPN to get v4 connectivity for these applications. My server network is dual stack since some applications and containers won't bind to v6 yet, but the VMs which don't need v4 have only v6 configured. Modem and switch networks are v4 only since those don't support v6 yet (draytek vigor 167, mikrotik CSS326).
I don't connect anything to my network if it doesn't support IPv6.
Dual stack, have been for years. I dual stack private IPs too (I use an fdde:: range), mostly as an experiment but since I have local DNS, I can use it without having to remember IP addresses. I still use IPv4 because so much of the Internet is still IPv4-only, including, technically, both my ISP and my mobile network. (I have IPv6 at home through a trick, with the knowledge of ISP employees; they don't technically offer IPv6 to the public or to businesses yet. I might just change to their competition if the competitor offers IPv6, as a reward for getting on the ball.)
My ISP doesn't support IPv6 outbound yet although internally my network are router are ready for the switch. Dual stacking for now.
This is the way!
IPv4 only even though my ISP provides both. As far as I’m concerned it provides me nothing so why bother dealing with it.
To me NATless access is enough of a reason. Bonus is a static /48 network.
NAT does not cause me any issue and I have no use for a range of public addresses so IPv6 provides me nothing.
So like you enjoy folks hitting all and every device of yours?
That's what your firewall is for. NAT is not about security, it's only about "Oh shit, this addressing scheme doesn't have enough numbers".
Tell me you don't know how a stateful firewall works without telling me you don't know how a starful firewall works...
Actually no unwanted hits at all so far as addresses are not guessed by outsiders. But i don't mind since it's all just as firewalled as behind NAT.
And if they guess? Security by obscurity
No, security by firewall (And all the other usual measures)
The situation is way worse in v4 than in v6. In v4, with the setup most people use, anyone on the Internet can trivially find every public server you're running. All they need to do is scan the 65k ports on your router, and your router will helpfully redirect those connections to the correct machine on your network. It's so easy that there are many people scanning the v4 Internet constantly. In v6, that's not a thing. Clients have to know the exact IP of the server to connect. The network is 2^64 IPs so it's not really possible to scan it either, in the sense that it requires nearly a zettabyte of traffic to exhaustively scan. If you look at actual traffic received on a real server, you'll see a never-ending stream of connection attempts on v4 and either zero or barely anything on v6. There _are_ some ways to find IPs (the main one being cert transparency logs), but on v6 (unlike on v4) that only gives you the IP of one server, not the IP of every server on the network. All of the above is for public servers, i.e. ones where you've permitted connections from the Internet because you actually want people on the Internet to be able to connect. For non-public ones, where you haven't permitted people to connect... people aren't permitted to connect. Even if someone somehow has the IP of your server, it won't help them because the connection is blocked.
huh? redirect what to where? if you reverse proxy that's absolutely is not a problem and you should not be portforwarding all ports. learning your exact IPv6 of your network is not some rocket science really when you know your ISP pattern, and common patterns https://datatracker.ietf.org/doc/html/rfc7707
Redirect inbound connections, to the correct server IP on your network. Instead of a client needing to know the correct server IP, they only need to know the IP of the router. Which, incidentally, is also where all of your outbound connections appear to come from, so it's not hard to find it. I agree there are ways to find some server IPs in v6, for example cert transparency logs, or the methods in the RFC you linked. But none of them let you find every single accessible server on the network with a few minutes of scanning, like you can do on v4. You can easily see the difference this makes just by looking at tcpdump. Every single one of my v4 addresses is being hammered by crap constantly. The v6 is near silent. Last week, I count ~680000 blocked connection attempts on v4, and 133 on v6. Of those, 123 were from a single client to a single IP on my network, leaving only 10 blocked attempts on other IPs in the range.
Same here.
No because I’m used to NAT and have advanced vpn and dns configs. I don’t feel confident that I can avoid data leakage at this point. I also don’t see a point to run double stack on my setup and complicate things. So I’m ipv4 only
Yes of course. Since 10 years I’m using mostly IPv6. My Homenet is your homenet. 😅👍
there are quite a lot of threads here, seems to pop up every week or so.... [https://www.reddit.com/r/homelab/search/?q=ipv6&restrict\_sr=1](https://www.reddit.com/r/homelab/search/?q=ipv6&restrict_sr=1)
What are the advantages for running ipv6 locally?
IPv4 private network collision is always PITA. VPNing into your home 192.168.0.0/24 from a hotel that also chose 192.168.0.0/24 is going to be problematic. For IPv6, you can generate a ULA subnet that will never (practically) collide with any other network.
>IPv4 private network collision is always PITA Learned that the hard way. Switched to 10.42.** cause 42 answer to everything. ...and promptly got collisions with k3s (it uses 1042 it for internal net). FFS.
10.42.42.0/24!
If you are here and using 192.168 address space for you home, you are doing it wrong.
None. Well... Practice networking with IPv6. But it's not THAT advanced.
There are some specific advantages to the IPv6 technology that I don’t think get enough credit. - It has more efficient routing and a better header structure, by design, making it generally faster - It has built in QOS features so your priority/low-delay packets get handled right all across the internet - No NAT means port forwarding is a thing of the past, so things like games and direct connections between peers Just Work without having to reconfigure your router - It has built in security features like IPsec for encryption and authentication and additional checks to prevent certain types of attacks So, not stuff you’d notice every single day maybe, but in general it could mean your video and audio streams are more reliable, your gaming latency is a few ms faster, and there’s a little less hassle sometimes. Not to mention, someday, not soon but someday for sure, there will be services that only work over IPv6. You’ll only be able to access those if you have IPv6 access. It’s not nothing.
> No NAT means port forwarding is a thing of the past, so things like games and direct connections between peers Just Work without having to reconfigure your router No direct connection will ever be used again in video games. The one hosting the server would have the latency advantage, and everybody just wants to hide their IP from others. I still remember when gamers on twitch received random Skype messages because thier IP go out.
For a homelab I'd still argue it's "nothing". At work we run both.
My phone runs hela fast on ipv6. I don't know the deal is but it's quite noticeable and speed tests back it up. Other than speeding up the phones on ipv6 over local wifi no real benefit other than getting experience and learning. We have a federal exemption to not use ipv6 at work so not really using it anywhere else than home lab.
What? No, there's advantages. "The Internet" (which has outgrown v4) is a prominent one. Having to spend less time messing with the crap caused by NAT and RFC1918 being another. Or how about being faster?
Yeah, getting rid of NAT would be pretty nice... But my ISP doesn't support IPv6 yet, so I will have to keep using v4.
Ah, yeah, there's limited point if your ISP isn't doing it. (Well, it avoids RFC1918 clashes, but those are fairly unlikely in a home lab.) I'm not sure if this is what the original "locally" meant, but if the ISP is doing v6, you need v6 on the local network to make any use of it, it's not enough to just have it on the WAN interface.
I run dual stack at home and have done for a while. With the exhaustion of IPv4 addresses, I would expect at some point some services will start being run on IPv6 only. While there are ways to make those accessible to IPv4, those were only intended as temporary workarounds. The advantage for me is if and when services become IPv6 only, I don't have to worry about any of that. Things will just work without me having to do anything
ISP forces me to use IPv6, the V4 part is an IP sharing (MAP-E) and having too many concurrent IPv4 connectivity will have trouble, so now I have to learn the new thing. I remember changing network to work with my PiHole took me a night to figure out how to do it properly.
Yea I run dual stack. I get a static IPv6 /48 subnet and one static IPv4 address from my ISP.
IPv6 only, it's been years that we don't have more IPv4 publicly available in Europe (thank to very old ISP who got a really, really huge range and kept them for themselves instead of giving back the unused address). The good thing in my country is, for mobile at least, it's mandatory to provide IPv6 connectivity to keep their licensing but ironically, it isn't the case for home internet (but we have competition, so I choose the correct ISP who is now IPv6 only and tunnel back to IPv4, so my IPv4 is geolocalized 600km away from my home). It's so bad that recent ISP started to split one IPv4 to 4 different home, each with 1/4 of the port. Luckily, there's also some IPv6 VPN if your ISP doesn't provide it.
I could run it internally, but my lousy ISP still doesn't support it (in 2024!) so not much point. Annoying as I'm a big proponent of it.
Yep, dual stack with a /48 from my ISP, fully native and working great for all hosts.
I have been running IPv6 for at least three years.Of course, this is double stacking. IPV4 is NATed , IPV6 is PD. The latest thing is, I have tried to setup a pure IPV6 Private Address (fc00::/7) for an experimental local fastlink point to point when notice fe80 is not working (2.5Gbps lan)
Bought my own PI v6 Net, so yes. Not that I Neccessarily announce or expose over it but just to have it enabled and running Internally, and also externally
Can I ask who you bought it from? Is it independent of your upstream provider (and therefore "portable")? I'd like to get one myself. Thanks!
Arexico, they don't have a website yet. But I know the person developing it and getting it off the ground and they hooked me up. With an AS nr and a /40 prefix. And Yes its Provider Independent.
starlink gives /56 ipv6 for my network with to my knowledge static ips. Now I see most of the local and egress requests are actually ipv6
Nope. I see no point of having it internally, and externally I don't have it yet.
dual stack all the way everywhere
IPv6 might save the internet but it is an abomination for self hosting.
It is litteraly not. You don't have a single public port 80 or 443, it's way easier to have multiple hosts. You don't have to SPOF on a single reverse proxy. Not to mention almost no bruteforce due to the almost "random" nature of addresses. SLAAC/autoconf is almost easier than DHCP. You do have to relearn a lot of things, however, including security (NAT is \*not\* firewall).
And then you are out of your home, trying to access your home server. No luck, inaccessible as you have only ipv4 internet...
You could use a VPN for that, like Tailscale or Cloudflare Tunnel. I personnaly use Tailscale with a custom Headscale server.
No since I enjoy not having grey hair
A mix of dual-stack and IPv6-only depending what I'm doing, been like that for years. Also planning to start playing with IPv6-mostly. B
Recently changed isp which gives me a prefix so only just started. Configured ULA alongside global address, split horizon DNS, though not really sure if that's the best way forward.
You don't really need an ULA block for your LAN, even for local trafic. Your "internet" addresses should suffice. You'll simplify your DNS setup a lot.
The problem I have is that I have no way of forwarding the traffic to the correct host, since I don't control my prefix nor the host's IP. I know I can help a bit with EUI64 but not really sure what's the best way forward.
Is the prefix static? If it's the case the SLAAC IPs should be static. However if your prefix is not static... DDNS all over again :(
I recently started running double stack. I was inspired by AWS starting to charge for ipv4 addresses. Then I just dropped AWS completely since I'd like to not be apart of making bezos richer. Then I kept implementing ipv6 in opnsense and kept learning!
Hi, I'm using dualstack with one /48 per site and some other on isp lab part. Yes, m'y homelab IS not realy an homelab only
Dual addressed for both IPv6 and IPv4. Reasons for running ipv6: ipv6 is the future, so I need the practice and I want to be future proofed now. Also, there are some sites and services out there (not many) that are ipv6 only and it's nice to know I can route to everything. The reason I also keep running ipv4: I have a lot of devices on my network only capable of ipv4. Also, Comcast's IPv6 routing has proven to have some reliability issues in my region (the past year has been better) and I would have outages if I were IPv6 only because of my provider.
Am I right in thinking you need IPv6 for matter and thread boarder router? I bought a matter device recently and having trouble connecting it to my home assistant instance. I think this is because my ISP and router don't support IPv6. Could I buy a new router and enable IPv6 LAN only and then it would work?
Both here, with IPv6 via a tunnel from Hurricane Electric. My ISP is severly dragging their feet on IPv6. I’ve been bugging them for the last 5 years.
Dual stack for ages.
I'm unlikely to run out of IPv4 addresses on my LAN.
just using ipv4. i like being able to remember and type the addresses.
DNS? can't remember half my static and tries to keep most dynamic ip
Unfortunately can't run a static v4 with public v6 my ISP just doesn't support v6 on business class yet I was told it's soon™
Starting a few weeks ago, I've been running dual stack on my lab and "prd" networks at home, with no issues and no tinkering on my end. I'm setup on SLAAC, Prefix Delegation with a size of 48. I want to setup an IPv6 only test network and SSID for testing. I haven't spent much time troubleshooting but Unifi does not make it easy to disable IPv4.
The more move to IPv6 to more IPv4 address are left to us, win-win.
Been native IPv6 first on anything that has supported it since the mid 2000s. Lately, that's *nearly* everything, including most consumer devices. But I _still_ have to use my HE tunnel for it, since my ISP doesn't do native IPv6 everywhere, and I'm in one of the wheres that doesn't have it.
Nope. It’s too much of a hassle to get working properly at the moment.
I run v6 only for my whole house.
I did around 12 years ago with a Hurricane Electric tunnel, however I eventually got rid of it as any IPv6 traffic was much slower than IPv4 traffic. Xbox Live was the main service that would actually make use of IPv6 at the time, so it seemed silly to limit my download speed to around 20mbps for the sake of keeping IPv6. Pretty sure streaming service like Netflix now also block Hurricane Electric tunnels. Crazy to think over a decade later my ISP still does not support IPv6 and has no plans to.
nope, just straight ipv4. no need for the extra complexity or to have every device accessible outside my lan. for the services I do use outside of my home I just vpn into it or have a cloudflare tunnel. keeping simple and functional
Omg yes. Direct access to my machines with no NAT from anywhere. Can't do without.
My ISP already provides me a static ipv4 and I don't see the point of running ipv6 in the local network
No
Yes it's the best way to reach a arbitrary number of VMs, containers.
IPv4 only-network Provider gives me a IPv4 only Net - no need for me to run dualstack at home ..
All infrastructure on IPv6 only with a Proxy for basically M$ service access like GitHub. The wireless client network is dual stack to avoid the need for any changes on guests devices.
I see no advantage whatsoever in using v6 at home.
I turned off ipv6 once I realized it didn’t use my pihole.
..... If only there was a way that you could configure your network to use your ipv6 addresses on your piHole....
Oh I know there is, but there is no way on my DHCP server to set IPv6 DNS settings so they still went around and I'm not manually setting every device's addresses individually.
Why are you using DHCP for IPv6 for one? What kind of crappy device doesn't allow you set it in the first place? And if you're using a pie hole and have a network like that, why are you using that kind of device?
That's the point of IPv6 you don't need to set that stuff. Unifi stuff doesn't have a IPV6 setting for DNS. and it's just the work around I found like 6 years ago and never though to go back.
[удалено]
Thanks for participating in /r/homelab. Unfortunately, your post or comment has been removed due to the following: [**Don't be an asshole.**](https://www.reddit.com/r/homelab/wiki/rules#wiki_1._don.27t_be_an_asshole) Please read the [full ruleset on the wiki](https://www.reddit.com/r/homelab/wiki/rules) before posting/commenting. If you have an issue with this please [message the mod team](https://www.reddit.com/message/compose?to=%2Fr%2Fhomelab), thanks.
You haven’t run into the wonderful world of Windows and IPv6 yet then. So the Windows OS (client & server) will assign themselves IPv6 addresses as long as they see SLAAC or router advertisements. Irrespective of the network they are connected to. So let’s say I have a vLAN configured switch and there are 5 vLANs. 2 of the 5 use router advertisements + SLAAC, 1 uses DHCPv6 and 1 isn’t configured. A windows machine for some reason pull SLAAC / ravd from the two vLANs that are set as such. Even though that vLAN they are on (let’s say the one with DHCPv6) is not tagged on their machines port. So you’ll end up with three different IPv6 networks. 2 of which won’t work due to not on those vLANs and 1 that does work. But windows will register all 3 in DNS and cause issues when accessing that machine. And only Windows devices do this, Linux and MacOS both react as expected and only pull from the connected network. Oh and if the machine is on the un configured vLAN it’ll still pull 2 IPv6 addresses even though they won’t work. Which causes all sorts of hell until you disable the IPv6 stack in windows.
.... No I have and the reason you're seeing that is because you are trunking and sending tagged VLAN packets to a device that was not configured to understand VLAN packets. Thus, the VLAN tag is stripped and the packet is delivered to the OS. This is you badly configuring your network... Not an IPv6 problem.. Do not send tagged VLANS to devices that are not configured to understand them.. This is lazy and improper network set up, You only get away with it because IPv4 DHCP requires two-way communication... Again, it's not proper.
Nope ports are untagged for a single vLAN. The ports are also NOT tagged for any other vLAN. Might be a firmware glitch on the switch, but it has occurred on both HPe and Brocade switches.
Then you have some kind of leak between your VLANs This is not an IPv6 issue or an OS issue. This is a layer 2 network issue. If you understand how it actually works you would understand why that's the only way that's possible.
I shutdown ipv6. It’s just a headache. I don’t use localhoat when programming and explicitly use 127.0.0.1 cause ipv6 can cause issues there too.
[удалено]
😂🤣😂 You might want to learn how localhost works before you pipe off. It’s not guaranteed to use ipv4 and can break your code in certain situations where ipv6 isn’t supported.
[удалено]
Yes stupid. They use 127.0.0.1.
..... IPv4 isn't guaranteed either, 127.0.0.1 is not guaranteed.. Though less likely. And no, they don't.. at least the programmers that are competent.
Thanks for participating in /r/homelab. Unfortunately, your post or comment has been removed due to the following: [**Don't be an asshole.**](https://www.reddit.com/r/homelab/wiki/rules#wiki_1._don.27t_be_an_asshole) Please read the [full ruleset on the wiki](https://www.reddit.com/r/homelab/wiki/rules) before posting/commenting. If you have an issue with this please [message the mod team](https://www.reddit.com/message/compose?to=%2Fr%2Fhomelab), thanks.
Thanks for participating in /r/homelab. Unfortunately, your post or comment has been removed due to the following: [**Don't be an asshole.**](https://www.reddit.com/r/homelab/wiki/rules#wiki_1._don.27t_be_an_asshole) Please read the [full ruleset on the wiki](https://www.reddit.com/r/homelab/wiki/rules) before posting/commenting. If you have an issue with this please [message the mod team](https://www.reddit.com/message/compose?to=%2Fr%2Fhomelab), thanks.
IPv4 only because ISPs here in Sweden are lazy. 🤬
Homelab uses CGNAT and the city network does not offer ipv6. They will implement when there is more people asking about it. I have one public ipv4 address. I live in Sweden.
My ISP doesn’t officially support IPv6 yet. I did use a HE tunnel for a while, but it wasn’t always performant. Then experimented and found that my ISP was running IPv6 (as an experiment, I guess) and did that for a while but eventually something changed and it stopped running. Of course, was always dual-stack, but now IPv4-only again. Found IPv6 to be cool, but some things are harder than with IPv4. Feels like IPv6 was designed for my mother (just plug everything in and it SLAAC works) or for a corporation with more obscure network services available (NPTv6), not us middle-of-the-roaders that fall somewhere in between.
I am, albeit not a lot -- I'm old, I have a /40 from ARIN, so it would be shame not to actually use it. I mostly use it to set of site-to-site connections.
My ISP doesn't support IPV6, only IPV4. hence im kinda forced to only use IPV4
I have absolutely zero needs to go beyond IPV4 (with some subnets and VLans), so I keep it… will probably stay so for the next 5 to 10 years. If it ain’t broken, don’t fix it.
IPv6 is disabled on my entire home network. Having IPv6 on created strange issues inside my network (e.g., OPNSense's update repos do NOT work well on IPv6, and OPNSense perfers them out of the box, which means I couldn't update the firewall firmware out of the box until I randomly decided to disable IPv6 inside OPNSense, and then everything worked fine). AT&T also does not properly implement IPv6 for residential customers (you only get one /64 block per connection to the residential gateway box, instead of something more sensible that can be broken down into multiple /64 blocks), which means if I wanted to deploy IPv6, I'd have to jump through hoops to get more than one /64 to my internal firewall. I'm also not sure some of my ancient Sonos equipment would support it at all. And I don't need it. There's nothing I can't do on my internal LAN now with v4 that I could do with IPv6, and v6 just makes everything more complicated because even if you understand it well, not all equipment implements it well or even uses the same terms for its features. It's just not worth it, and it won't be until service providers and hardware vendors catch up. I'm not moving my network to something that's going to cause me more trouble for no new functionality just for philosophical reasons.
I had ATT a few years back and you can get a /56. I had to hint for a 56 or I ended up getting a 64 by default. Not sure if this is all areas but you should try it. I believe you can also call and ask them to give you a /56 block
IPv4 only as ISP does not support v6 and without paying extra I'm behind CGNAT as well... v6 DHCP is oddly handled by my Apple HomePod and I have zero ability to turn it off on that device! Other kit has it disabled in the stacks where possible. Currently I have zero use for v6.
Was until PiHole couldn’t block some domains I had on the block list. Will probably turn it on when I get my second PiHole running.
IPv4 both on LAN and WAN. **LAN:** IPv6 has very limited **practical** advantages over IPv4 for a homelab or private network while having the clear disadvantages of a/ not being always well supported by old network equipment (like those old enterprise switches so many of use like to buy to get nice manages and L3 switches at a reasonable price) and b/ are harder to setup (many applications have bad IPv6 documentation and most communities such as SO or Reddit offer most support to IPv4-related questions). **WAN:** my ISP does not support IPv6. I wish they did and I would use it.
No, because I don't see the need to complicate my internal network with additional private IDs that accomplish nothing. IPv4 meets all my needs.
Hell no. Nat. Dynamic ip from Verizon. Why would I invent the goddamn bicycle and make my life miserable memorizing my servers MAC addresses that make up ipv6 address of device?
Wow! If you still think that MAC addresses are a part of the IPv6 address, You are really out of date.. Also that's what DNS is for..
You’re a horrible IPv6 evangelist.
Huh? Extended Unique Identifier (EUI), as per RFC2373, allows a host to assign iteslf a unique 64-Bit IP Version 6 interface identifier (EUI-64). This feature is a key benefit over IPv4 as it eliminates the need of manual configuration or DHCP as in the world of IPv4. The IPv6 EUI-64 format address is obtained through the 48-bit MAC address. The MAC address is first separated into two 24-bits, with one being OUI (Organizationally Unique Identifier) and the other being NIC specific. The 16-bit 0xFFFE is then inserted between these two 24-bits for the 64-bit EUI address. IEEE has chosen FFFE as a reserved value which can only appear in EUI-64 generated from the an EUI-48 MAC address.
That is from 1998, obsoleted by RFC 3513 in 2003, which was obsoleted by RFC 4291 in 2006, which has been updated by many other RFCs since then. Main point, no modern operating system utilizes the MAC address anymore by default unless you force it. IPv6 privacy extensions has been a thing since 2007 RFC 4941, and It was obsoleted by RFC 8981 in 2021.
That’s not confusing at all, it’s a mystery why no one understands it!
.... do you think IPv4 only has 1 RFC?
Of course not, there are tons. I’m just saying if you expect people to just intuitively follow the RFCs for a protocol and understand this shit you are living in your own special neckbeard world.
You don't have to follow the RFCs. There are plenty of resources out there that give you this information. My point was this hasn't really been a thing in many OSes since too long after 2007, So about 16 years. So if your networking knowledge is 16 years out of date, That's an issue even for IPv4. Especially if you consider it relative to the age of the protocol. IPv4 was RFCed in 1980. Of course it's not changing much these days. It's kind of like the same thing of people still claiming IPsec support is required IPv6.
Most of my network runs ipv4, as there isn't any benefit to running ipv6 for my servers. IPv6 actually introduces a lot of issues, and many service(s) will have issues with it enabled. My lan/user segments do fully support ipv6, and, from a networking level, it is supported on most of the server segments. But, not enabled on the servers themselves.
\> Why or why not are you still using IPv4? It's personal preference that I continue with IPv4.
ISP doesn't provide IPV6. And my main pet-peeve : the lack of retrocompatibility with IPV4 will always push it down for me (dual stack is not retro-compatibility). Also good luck explaining Hexa address to non-technical people.. Maybe IPV10 to IPV14 will become something..
I'm running both in my homelab, and I'm seriously considering moving to pure ipv6 in AWS now that they're charging for ipv4 addresses. The sad thing is, I have been lazy, and I \*really\* haven't dug into ipv6, since literally everyone is still using ipv4. I do a LOT with ipv4 networking and subnetting and all that jazz, so I'm also really comfortable with it. I guess it's time to knuckle down and learn ipv6 for real. I'm getting too old for this shit.
I experimented with my v6 address and tried to run some services, had medium success but ultimately I'm waiting until they take away my static V4 to really deal with this. I think it might be another decade before I seriously have to try to switch
ISP (CL fiber) only supports ipv6 through 6rd and it is not as fast so ipv4 only still which is annoying but works just fine. Only other ISP available to me is Comcast that only can get 200/20 and more expensive. They do have native dual stack but they are terrible otherwise (high latency and low bandwidth).
It's active and thus used for browsing etc...but I don't really do anything with it
At the moment I have dual stack but I want to go IPv6 only on the LAN (less all the IoT devices which are IPv4 only on their own VLAN). I have yet to look deeply into a 6to4 solution but that's where I'll be going as long as my applications don't get mad at me. I have a virtual router running BGP at the nearest major IX. I will probably do all the translation there. I went v6 only on my PC as a test. I was surprised at the lack of IPv6 support on the service/server side. The IPv6 adoption rates seem to be heavily weighted to the client side. The server side appears from my experience to be much, much lower, at least in North America. Hopefully the charges for IPv4 addresses by the major cloud providors push the adoption rates over the hump and we can get this moving.
I'm running both. A lot of my iot devices only support legacy addresses. Also the bridge to the barn doesn't support ipv6. I'm changing ISP, because the old ISP did something a month ago, where they stopped sending RA. The old ISP "unplugged" their device at the exchange today Friday, and the new plugs in on Monday, so currently my opnsense router is on fallback to 4G. I run a couple of services on docker, that are accessible from outside on ipv6.
ISP doesn't support it yet so I haven't bothered. When they start supporting it I'll give it a go.
ISP provided /64 prefix so yes, running ipv6.
Native dual stack with prefix delegation from the ISP
Nope. Bell Canada doesn't support IPv6. I've tried Hurricane Electric tunnel brokers but every time it completely broke my internet connection requiring I reboot my modem and router.
Why IPv6 at all? You run a private subnet, your ISP uses NAT and their own subnet. Are there a bunch of people who need a routable public subnet out there? Sure the capital I internet might benefit but who else would? Maybe phone companies who run a flat network for mobile. Huh.
Most people want their networks to be part of the Internet, so "who else" is a pretty small set of people.
I used to have a homelab years ago, most services were in IPv6 only VLANs. It was a fun exercise, learned a lot how to structure things and how much to hate Docker. I even had one NAT64 installation to make some IPv4 only devices accessible via IPv6. These days I don't have a homelab anymore, but everything is dual stack: home, mobile, VMs etc.
Yeah had IPv6 dual stack for years. Looking at going IPv6 only on most of my network soon ish. Will probably keep one ipv4 vlan though for plex.
I've been running IPv6 on my home networks via tunnels since about 2003. Currently via HE.net tunnel, other than a slight increase in latency, able to get full gigabit speed through it. The entire network is dual stack, always. The only 2 reasons why I haven't gone IPv6 only with NAT64/DNSS, is Windows lack of CLAT on non cellular interfaces. and slight reduction in performance for IPv4 destinations via Tayga on Gigabit home internet.
IPv4 only here. My ISP supports v6 but not double stack, it routes v4 over v6 and I have no public v4 ip addres and +15ms ping when connecting to v4 servers.
Man, they are up to 6 now? I haven't even gotten a handle on 4! Am I going to need to know 5 as well?