@SoniEx2 Do you mean for IPv6 allocations from your RIR (regional registry)? If so, for Europe (RIPE) then no, an IPv6 allocation is free. (As part of your normal membership).
Good news for #IPv6 users in Austria: Apparently, Wien Energie can now deliver state of the art Internet to homes. Handing out a single /128 seems like a curious choice, but you get a /56 through prefix delegation, which should suffice for most homes.
Hm, so because I am so eager to understand things I know have the task to explain #NeighborDiscoveryProtocol of #IPv6 tomorrow.
From what I understand, I can think of multicast of like topics in MQTT:
One sender and whoever is interested can read from it. New hosts are subscribed to it when they go online.
By setting certain flags in #ICMPv6 their are messages for routers and neighbors. One for request and a matching respond (called solicitation and advertisement).
Now I would love to have a #SysAdmin confirm my understanding.
Ik krijg op de 'Connection test' van https://internet.nl maar een score van 10% terwijl ik toch echt alles op #IPv6 first heb staan.
Mijn eerstgebruikte nameserver is die van @freedominternet mijn internetprovider: 2a10:3780:2:52:185:93:175:43
En als ik internet.nl opvraag krijg ik toch echt ook het IPv6 adres terug:
$ host internet.nl
internet.nl has address 62.204.66.10
internet.nl has IPv6 address 2a00:d00:ff:162:62:204:66:10
internet.nl mail is handled by 10 vmx02.prolocation.nl.
internet.nl mail is handled by 10 vmx01.prolocation.nl.
internet.nl mail is handled by 10 vmx03.prolocation.net.
@flameeyes I already have one wordpress instance I need to manage, screw that. I actually enjoy authoring posts in #logseq nowadays, I just need a sensible pipeline to publish them that doesn't involve running scripts in clojure, calling into hugo, and then scp -r.
I even started working on that. Clojure's nbb is amazing, being clojure but with all the node-modules you can eat (and your ssd can fit). I don't need much, clearly nothing of the hugo's customization abilities, just a live preview and a final render. Writing the hiccup-themed html that just renders into static tags is fun. Being able to access the logseq's DB directly is also really handy and you can do some processing if needed (like resolving logseq's cross-block references, pulling the images from the store, etc.)
If you want to make sure that a lot of small e-mail servers (like mine) will not reach your e-mail server, because you really hate us folks trying to keep e-mail decentralised, just use the CSS blocklist by #Spamhaus. This will greatly reduce your exposure to the even weirder small admins (like me) that try to use #IPv6. Throw in UCEPROTECTL3 and/or L2 too to exclude us running our small, well-maintained mail servers at ISPs on small VPS or dedicated servers. #SarcasmButOnlyHalf
Beim #Selfhosting der #Nextcloud steht mir gerade #IPv6 im Weg. Da es hier kein #DSL gibt, sind wir mit #Telekom#5g verbunden. Eine öffentliche IPv6 haben wir uns schon geklickt. Es gab aber noch nie Berührungspunkte damit. Herausgefunden haben wir schon, dass es sich um eine /64 IPv6 handelt. Wo und wie fängt man denn jetzt sinnvoll an? Als Router kommt eine Fritzbox 6850 zum Einsatz.
Die IPv6 ist mittlerweile konfiguriert. Jetzt stellt sich die Frage, ob es sinnvoll ist intern die alten IPv4-Adressen zu behalten oder auch auf IPv6 zu wechseln. Vor- und Nachteile?
@WestphalDenn Was heißt "intern"? Da Draußen im weiten Internet gibt es immer noch Anschlüsse ohne IPv6, das Abschalten dieser Adressen würde zur Folge haben, dass man über IPv4 dort nicht mehr heran käme. Das gilt auch für Situationen, in denen man via Mobilnetz unterwegs ist und der Anbieter dir nur eine v4-Adresse zuweist.
Zastanawiałem się ostatnio, dlaczego po 28 latach od wprowadzenia protokołu #IPv6, nadal tak mało dostawców internetu go oferuje.
No i dzisiaj dostałem olśnienia. Zgodnie z zasadą "Jak działa to nie ruszaj" - dopóki #internet się nie sypie, nikogo nie obchodzi i nie będzie obchodziło jakieś IPv6.
Tak sobie potem pomyślałem, że przecież #IANA (organizacja zajmująca się zarządzeniem adresami IP) mogłaby ogłosić protokoł #IPv4 jako przestarzały. No... ale tego nie zrobią. Dlaczego? Ponieważ trzaskają gigantyczną kasę na dzierżawie bloków IPv4.
Miliony sieciowców w firmach musiałoby się nauczyć IPv6, żeby poprawnie skonfigurować sieć, co generuje dodatkowe koszta. Pomijając już, że wiele z nich to samouki w Januszexach, którzy coś tam potrafią pogrzebać, żeby ostatecznie działało, ale to tyle.
Aktualnie mamy sytuację patową:
brakuje adresów publicznym; ISP przydzielają jeden adres wielu urządzeniom w różnych domach
@talktech Interesting, I used them for a long time and over the months and years the packet loss slowly increased to a level where I could no longer use it any more.
I then made a move to a provider which had native IPv6 so didn't need it anyway.
Has someone here an 464xlat #CLAT daemon running under debian, more or less in production?
I'm looking for the best solution right now, especially with regard to packaging an automation. I'm not really convinced (yet) about clatd though. #ipv6
Currently, #BoxyBSD has #IPv6 networks in DE, CH, DJ and US (East). Which would you prefer and should one of these location get added?
VAE, AUS, JP, CA, PL, SG, ZA could easily be added.
Unfortunately, nothing near India. Trying to have a look for it.
#IPv6 rocks. Flawless physical migration with only a very minor downtime :-).
Thinking about networks as segregated network segments is just SO MUCH easier, this time around, I went #IPv6only and didn't even bother with setting up IPv4.
honestly I prefer the same approach AWS uses here with RDS Postgres servers -- pg_hba is configured to allow connections from everywhere, then just limit access to the database with the firewall. Trying to add source host based ACL for each database on the postgres instance is kinda stupid
Yes, in certain cases it can be an overhead, but it really is just layered security. Should sth be funky with my firewall, each database can still only be accessed by their allowed hosts, also using authentication.
Of course this depends on the nature of the service, but I'd argue most of the time, the list of hosts that need access to a given database is pretty static and short.
I do prefer adding effective layers of security for little overhead :-).
