this post was submitted on 18 Jun 2024
362 points (98.7% liked)

Selfhosted

41400 readers
949 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 27 points 7 months ago* (last edited 7 months ago) (1 children)

Ipv6 requires fundamental rethinking about how addressing is done. If you're trying to apply v4 concepts to V6 you likely end up running into something they intentionally designed out.

A unique local address is an address space where you could do that. It's the equivalent to RFC1918 eg. 172/192/10. So you could statically assign fd0::x, and that is expected, but not required generally.

I wouldn't give each device a static unique global address unless they need to be accessed via wan without domain consistently. You lose device privacy really quickly that way because every device gets a unique globally routable address. It's fine for internet facing services but most Linux, Windows, and mobile implementations are using ipv6 privacy extensions by default to ensure you get a random GUA every day.

My network is dual stack and I connect mostly over ipv6 to all my internal clients using internal DNS. If my internal DNS is ever down I can fall back to ipv4 or it's basically the one box on my network with an easy to remember ULA.

[–] skittlebrau 22 points 7 months ago* (last edited 7 months ago) (4 children)

Each year I seem to think “this will be the year I set up IPv6 in my homelab” - but then I never get around to it.

If I have to run both v4 and v6 concurrently, there isn’t much incentive/motivation for me to use v6 locally.

Maybe I’ll get around to it when there’s a net benefit for me for my use case, or when I’m forced to.

Am I just imagining it to be more complicated than it actually is?

My router runs pfsense and I have 6 VLANs each with its own subnet - Management, Trusted, IoT, Cameras, Guest, and Web Facing Servers.

[–] [email protected] 10 points 7 months ago (3 children)

It's honestly super simple to set up. Outside of your ISP config it's almost all autoconfig. 100% of the complication (at least for me) comes from knowing ipv4 first for 20 years and then trying to incorrectly map those concepts to V6.

As soon as I "let go" it was fine.

There's not a huge net benefit you're right. I mostly wanted to learn and I hope to be at the front edge of disabling ipv4 in the near distant future.

[–] [email protected] 3 points 7 months ago (1 children)

The benefit is being able to easily access devices from the internet. The same address works on the LAN and WAN. There's no port forwarding, so multiple devices can have the same port open. You also don't need to mess with a VPN if your IPv4 connection uses CGNAT.

[–] [email protected] 2 points 7 months ago (2 children)

Yeah dropping Nat is the biggest net benefit I agree but I think the avg person won't really find that much value in it when Nat works ok

[–] [email protected] 2 points 7 months ago (1 children)

And the average person is going to be using it without knowing. And never complain or anything.

[–] [email protected] 1 points 7 months ago

Yea, prolly already using it.

[–] [email protected] 1 points 7 months ago (2 children)

NAT works fine until you get stuck on CGNAT and can't host anything on IPv4 without using a VPN.

[–] [email protected] 1 points 7 months ago

Meh, nothing a VPN and a 3 bucks a month VPS can't solve...

yells at cloud in IPv4

[–] [email protected] 1 points 7 months ago (1 children)

I thankfully have never had the misfortune of cgnat

[–] [email protected] 2 points 7 months ago

Yet.

As IPv4 blocks get scarcer and ISP's get more customers, they'll all eventually have to move to IPv4 CGNAT.

And that's completely fine for most people.

If you're not one of those people, then IPv6 is your saviour.

[–] [email protected] 3 points 7 months ago (2 children)

An issue I had the last time I tried to set up IPv6 up was pihole didn't work as well as I would have preferred. I assumed I just didn't set up things correctly and it's looking like that is the case based on the OP.

It kept resolving ad domains with their IPv6 address.

[–] [email protected] 1 points 7 months ago

That’s the reason I killed IPv6 on my network.

[–] [email protected] 1 points 7 months ago (1 children)

Who cares if it access them over ipv6. Their still blocked.

[–] [email protected] 1 points 7 months ago

If ad domains can be resolved to their IPv6 addresses, it means that they are not blocked. Your device connects to the IPv6 address and serves the ad.

I can't remember what the problem was but my window to rollback was closing so I reverted back to IPv4 only and pushed it to another day.

[–] skittlebrau 1 points 7 months ago

Thanks, I’ll give it a go!

I suppose it’ll be easy since my whole stack uses IPv4, so I’ll be simply adding another interface on without service disruptions.

[–] [email protected] 2 points 7 months ago

If you happen to torrent a fair bit (especially public trackers) then ipv6 can make a huge difference, there's loads of ipv6 only seeders and leechers I'm suddenly reaching.

[–] [email protected] 1 points 7 months ago

I made the plunge about a year ago. Spectrum assigns me a prefix but routing was spotty at best. In the end after all the troubleshooting pointed to the problem being the ISP I gave up and stuck with what works, IPv4.

[–] [email protected] 1 points 7 months ago

Its a mind shift cause so use to NAT and ipv4. But it is not they hard. I'm glad I learned it, but the beginning was tuff.