New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
It's like everything, boom, you need to configure it correctly and run it within the specs or it will turn into a shit show.
What the heck does bench.sh have to do with IPv6 abuse and the price of rice in China? I'm really curious what your thoughts are on that one.
I think you missed where I mentioned that it is a proper option for very specific use cases. Also, Why not isolate your apps on their own vms in-case they they're not dependent of each other?
You're also kinda missing the point, You wouldn't setup the whole 18quintillion IPs unless you do need them. /64 is allocation per network not per device/machine. It's not supposed to be that every device needs to have it's own /64 but rather the router has it and then it will assign every device connected to it, it's own public IP. This standard is followed by all cloud providers tho low end providers just allocate a whole /64 to the VPS as, as far as my understanding goes - they count each VPS as it's own network?? either way, You get the point.
It's not good practice to run apps overlapping each other on ports or other resources on the same machine. Instances where you'd absolutely need to do this is very low and still count as not good practice. Over the past decade or two, We've come over the barriers where we'd want to run overlapping apps on the same machine.
I noticed NextDNS provides "secure" DNS and does some kind of analysis on your traffic. I've not used it, but it seems one of its mode of operations is to use IPv6 DNS servers 2a07:a8c0:: and 2a07:a8c1:: with the lower bits set to your unique token.
Although, it'd be quite amusing to make requests for questionable domains to random accounts using this and watch the confusion when someone sees them showing up in their stats.
@typicalGtaTG
Its only the greedy ones that assign /128. There are many legitimate usecases. You just need to get past the IPv4 mindset.
@typicalGtaTG
Well you can bind processes to interfaces and nothing would overlap. This exists for decades lol
just a stupid question, but you do realize you can have all these services running at the same IP, right?
Any reason you want to waste/spend your time to configure different IP binding per service? just to learn or is there some particular reason?
It's easier to move the application to another host if it has its own IP address then you don't even have to update the DNS.
If it doesn't matter that the application binds to any address and use the default IPv6 address for outbound connections then you can still bind to [::].
Not sure about the "greed". I provide IPv6 Allocations to ISPs locally here and I have not seen such a case where the network isn't followed by the standard. NAT is not the solution that is the whole point of IPv6.
If you're talking about VPS providers then I don't think assigning /80 or /112 or /128 is a bad thing, most people won't use or require more than that. Though you should be able to get up to a /64 on request.
Are you sure only ports can overlap? and there's absolutely nothing else that can overlap for a software?
its fun trying to nearly kill myself
It's a bit embarrassing that boomer doesn't get how routing works, you'd generally want to forward the entire /64 to a given host instead of trying to put individual entries per address.
He would rather just blame IPv6 or virtualizor or China etc instead of admit he's got absolutely no idea what he's doing, it seems.
Why China?
I don't know what they're talking about. I have nothing against China, it's my #1 or #2 customer base. They're right with I don't understand IPv6. I do have a direct IPv6 allocation and it's routed. I'm trying to learn
You cannot blame that which you do not understand.
Ask for additional 10-15 /64 subnets with good reason that it’s not enough IPv6 addresses in your current subnet and you are required more.
You missed my point, which was the IPV4 NAT limitation. Setting up the apps in different VM's was irrelevant and makes no difference.
You also missed the point of a /64. That's so each device/app/purpose can have it's own IP... forever! Set and forget. With some providers, I have to change IPv4 addresses with minimal notice every couple of years. Annoying AF.
This is exactly the purpose of servers. Especially in virtualization. Not all of those $10k servers sit there doing one thing only. You should be limited by physical resources, not IP's.
That is a very legit reason but again, why run the same apps which overlap ports on the same machine? Calls for disaster.
umm... what? Please consider reading my comment again... The RFC states that a single /64 can be assigned per network so that each device can be assigned it's own public IP address.
You're literally agreeing with me while trying to make an argument here? I don't quite understand you.
Throughout my time being a Network Engineer & handling customer support of ISPs, I still think understanding people over the internet is the hardest. One thing that can be understood is one or the other or even both parties can be stupid.
So you are trying to say that like for example if my host has a /64 i can assign an IP to for example 18,446,744,073,709,551,616 docker containers right?
What I'm trying to say is that, let's say your home router is assigned a /64, that'd mean every device connected to your router will get it's own public IP. Same is done by cloud providers, when you make a new Virtual network in the cloud it gets assigned a single /64 by most providers then each time you connect it to any sort of instance, the virtual network assigns one or more IPs to that instance depending on how you configured it.
In an actual proper environment made for absolute production, never has a /64 been assigned for the sole use of a single machine.
Some interface identifiers are reserved, maybe they shouldn't be used in that way.
https://www.iana.org/assignments/ipv6-interface-ids/ipv6-interface-ids.xhtml
Nothing overlaps if a process binds to an IP instead of listening to everything and dropping what it doesnt want. This is exception with some design choice seen in some few crappy software. Most allow you to specify which IP to bind. Containers, namespaces or whatever is just a modern abstraction of the existing tools previously available that could make sense for security or easy configuration.
In either way, the provider has no way of knowing that you will only use a single IP address in a single machine/device. IPv6 scarcity is not a problem.
The RFC6177 (which obsoletes the previous RFC3177) disregards the use of /128s unless it is certain that only one device will be used and there's no further need to subnet.
They stopped recommending specific block sizes (ie. /48 for end sites) depending on the size of the end user/site/organization, because there are many factors to take into account, but certainly they are not advocating for a single /128.