Wurde verlinkt von

https://stefan-ziller.eu/2025/berliner-verwaltung-muss-bis-2029-auf-ipv6-umstellen/

#berlin #ipv6

This sounds like an awful question:

Can I "port forward" an ipv6addr:port pair to an internal ipv4 address?
#Homelab #Networking #IPv6 #Mikrotik

Ok so after a bunch of searching for a good tool to track down what is running on the network I settled on:

* Security onion ingesting NetFlows from the router. This catches all traffic that crosses subnets. Traffic within the subnets isn't as much of a concern at this stage.
* Nmap plus a stylesheet I found was able to generate a pretty digestible html doc enumerating ports and hosts

From those sources I can pretty easily setup sensible firewalls at the router level, and potentially at the host level as well. After that I can work on intra-kubernetes traffic rules.

Also I used some of the initial data to sort hosts a little better and cleanup DHCP/static DNS entries

Lastly I'm going to back away slowly from ipv6 again. I did learn a bit and made some progress but getting that cluster properly talking dual stack is less of a priority at the moment I think?

#Homelab #Networking #IPv6 #Mikrotik

AWS Site-to-Site VPN now supports IPv6 on the outside IPs
by Ruskin Dantra, SaiJeevan Devireddy, and Scott Morrison on 24 SEP 2025

https://aws.amazon.com/blogs/networking-and-content-delivery/aws-site-to-site-vpn-now-supports-ipv6-on-the-outside-ips/

#aws #ipv6

If I use openresolv in place of resolvconf I don't run into the timing issue, but it has no notion of interface-order so it gleefully puts IPv4 resolvers ahead of #IPv6 with no apparent way to change this.

@rl_dane

I love the power of bash scripting

🖋️ #bash #sh #zsh #ksh #csh #ping #IPv6 #IPv4 #gping #httping #Linux #POSIX #OpenSource #Programming

Being thankful is important, esp. when you use opensource software.

I'm thankful to the coder(s) of gping a command which sends a nice graphical output in *sh when you invoke it of the ping reponses of your favourite server

In the same line I again want to thank the coder(s) of httping which can send you ping responses in an awsome way

I had spoken about httping before

Thank you all

🖋️ #bash #sh #zsh #ksh #csh #ping #IPv6 #IPv4 #gping #httping #Linux #POSIX #OpenSource #Programming

Alt...

The image shows a computer screen with a terminal window open, displaying network latency data. The terminal window is titled "mocp" and shows a ping test to the server "ftp.sunet.se" with various latency measurements in milliseconds, such as 277.41ms, 262.225ms, and 247.04ms. The background of the terminal window features a green digital rain effect, which is a visual representation of data being processed. Below the terminal window, there is a timestamp indicating the time as 11:49:09, and a video player interface is visible at the bottom, showing a timestamp of 11:49:24. The video player is paused, and the video displays a rural scene with a structure resembling a gazebo and trees. The overall color scheme of the image is dark, with green text and graphics contrasting against a black background.

Alt...

The image shows a detailed network performance analysis tool interface, likely from a command-line application. The interface displays various metrics and graphs related to network activity. At the top, there are columns labeled "latest," "mocp," "avg," "max," "sd," "mc-a," "cur," "cafe," and "RemAD," with data such as "resolve," "connect," "ssl," "send," "request," "close," and "total" presented in numerical values. The graph at the bottom shows a timeline of HTTP responses, with green bars indicating successful responses (200 OK) and red bars for failed attempts. The HTTP response code is "200 OK," and the SSL fingerprint is "n/a." The "Last-Modified" timestamp is "Thu, 10 Apr 2025 15:18:21 GMT," and the "Expires" timestamp is "Tue, 23 Sep 2025 15:08:53 GMT." The "Content-Type" is "text/html; charset=UTF-8." The interface also shows the run time, which is "2025/09/23 12:07:33.408," and the total number of requests, "4341751." The graph indicates a high frequency of successful responses, with a few failed attempts. Provided by @altbot, generated privately and locally using Ovis2-8B 🌱 Energy used: 0.903 Wh

Ok so more IPv6 thoughts:

I was thinking a bit more about the idea to move the dnsmasq service onto the router:

So the entire reason for switching to dnsmasq was because it creates DNS entries for DHCP clients, and it even can assign a different subdomain per subnet.

However, there was something I had yet to get functional: mapping IPv6 to those same DNS names.

I'm not even sure how that is possible! Certainly not with dnsmasq because I don't have it handling anything? Or maybe there is some stateless DHCP option?

Which got me to thinking that maybe it is possible with Mikrotik's scripting?

On a related note I saw a script to update IPv6 prefix if that updates which looks super useful and might put me at ease. I could use ULAs for internal traffic and have that prefix updater script update firewalls if anything changes.

#Homelab #Networking #IPv6 #Mikrotik

Cooking or cooked: link shortening edition

URLs are compressed but rather than a path they become a subdomain.

Server-side for creation:

A DNS entry is created with a unique, globally addressable IP address from the host's delegated v6 /64, and adds that IP to the main interface.

Client-wise:

The dynamic subdomain is delegated out to the host. The host DNS server responds with the unique IP for that link shortening. When it receives HTTP for that IP it responds with the usual redirect/301 to the full address.

#DNS #IPv6

IPv6 Deployment at APNIC 60

By George Michaelson on 18 Sep 2025

https://blog.apnic.net/2025/09/18/ipv6-deployment-at-apnic-60/

#blog #ipv6 #apnic
#notbyGeoffHuston (except one presentation)

AWS Storage Gateway now supports IPv6
Posted on: Sep 16, 2025

https://aws.amazon.com/de/about-aws/whats-new/2025/09/aws-storage-gateway-ipv6/

#aws #ipv6

AWS Step Functions now supports IPv6 with dual-stack endpoints
Posted on: Sep 18, 2025

https://aws.amazon.com/de/about-aws/whats-new/2025/09/aws-step-functions-ipv6-dual-stack-endpoints/

#aws #ipv6

I pinged a large electronics online shop from CH, that their store is only reachable with the #legacyprotocol .

They send a well formulated response from the technical department, that #IPv4 is the preferred protocol and they haven't heard any negative feedback from customers so far. Nevertheless, they have placed #IPv6 connectivity on the #backlog for future re-evaluation.

If you are a customer, please make you voice heard.

I got IPv6 in the cluster ​​

Need to figure out:
* Ipv6 LB (and ipv6 bgp)
* Configure ingress to use ipv6
* Everything defaults to single stack, hmmm.
* Oops also don't have ipv6 on pods hmmmmmmmm
* Oh no everything exploded ​​
Ok so do not* set cilum to ipv6 without the nodes showing a value pidcidr, it will cause every single pod to crash
* Gotta see if I can fix the pod cidr on nodes without doing node resets
#Homelab #IPv6 #Kubernetes

Anyone remember WordPress?

Anyway, they are welcome #ipv6
https://meta.trac.wordpress.org/ticket/3090#comment:26

@tschaefer no I don't have 250 Android devices at home. But more that currently fit into the mentioned /61 allocation.

Currently residential use case for #DHCPv6_PD is limited to my understanding. Handling of 250 routes in a CPE is also pretty challenging I guess.

Nevertheless I'm happy that this is now supported and hopefully moves #IPv6 deployments in enterprises and campuses forward.

@DasSkelett Thank you for digging into this and sharing your experience.

I took a different route and looked into this, if one wants to apply "enterprise" deployment techniques at home.

Best case about 250 Android devices in a household with a single subnet.

Due to my ISP broken #IPv6 delegation I'm left with 8 devices in my main subnet. With full support for this.

*context*
/59 delegation and a few VLANs with /64 and one #homelab with /60 leaves me with a /61 in my main VLAN.

Idle #hamradio and #ipv6 rambling:

M17 encodes callsigns into a 48-bit address. ( https://m17project.org/m17-callsign-calculator/ ) This fits nicely within the 64-bit host portion of an IPv6 address. I suggest the top 16 bits could be a sentinel value to let an application know that the rest of the address is an encoded callsign. I propose 0x0073 to stay out of the top 8 bits where things like the locally-generated bit (EUI-64) are and, well, 73 for the ham reference.

eg, my bare callsign as a link-local address: fe80::73:0:2cd:5b06

I think this has some potential for use in AREDN-style mesh networks, especially now that they're using Babel which defaults to exchanging route information over link-local IPv6. It would reduce or eliminate the need for DNS, referring to resources by callsign and SSID or other extenders we're already used to. And this way a traceroute would contain readily useful information, removing the need to cross-reference a MAC or static address table.

@tschaefer @goetz There's some additional info in Lorenzo's post to v6ops this morning:

This change should already be live on most Android devices running Android 11 and above.

<snip>

Over the next few months we also plan to roll out support for DHCPv6
address registration (RFC 9686).

https://mailarchive.ietf.org/arch/msg/v6ops/Sq5TadeSsMQ-0uEWrdem3A1wDh0/

#IPv6

#IPv6
#DHCPv6_PD for #Android

#RFC9663

https://android-developers.googleblog.com/2025/09/simplifying-advanced-networking-with.html

This is a #fail I wouldn't have expected.

#Youtube #IPv6 @alexhaydock

Another year, another tvOS update where the YouTube app is inexplicably broken on IPv6-only networks…

…but only when using Ethernet

Haven’t been able to work this one out, and Apple’s end-user bug reporting flow is absolutely dire.

#tvos #apple #appletv #ipv6

@noahm @jima I first approached GitHub about their lack of #IPv6 support in March 2013. In that time they've added it to some of their ancillary offerings but never to the main site.

It has also become clear that their priorities have shifted, especially in the wake of the Microsoft acquisition. At this point I think the only viable solution is to https://giveupgithub.com/

Looking good :-) The amount of IPv6 traffic is higher than the crappy legacy-IP one 🙂

All Jails now equipped with native IPv6 and firewalled by "pf" on the host-bridge.

Just IPv4 still using NAT. And I'm even considering dropping that. Not worth the hassle anymore.

#ipv6 #freebsd #pf #networking

https://fe80.cz/

profiles for iOS

#cz #ipv6 #iOS #iphone #ipod #dualstack #ipv6only

not really new, but (still) useful

Some people say, there are better defaults on iOS26
🙏

Naja, solange wie das Geschäftsmodell noch hält. Die Preise sind inzwischen auf 20-30 $ pro Adresse gefallen, mit weiter sinkender Tendenz. Wenn wir da einen linearen Abwärtstrend unterstellen, müsste der Preis bereits 2028 bei 0 rauskommen. 2027 - 2029 wären aber auch ungefähr der Zeitpunkt, wo Deutschland, Indien und Frankreich die 100%-Marke (zumindest theoretisch) knacken müssten. Spätestens dann müsste die Nachfrage nach Altadressen einen Sprung nach unten machen. #ipv6

@tschaefer

Would you use a server that is #nixos only and #ipv6 only ?

#linux
#programming

AWS Elastic Beanstalk now supports IPv6 in dual stack configuration for Application and Network Load Balancers
Posted on: Sep 10, 2025

https://aws.amazon.com/de/about-aws/whats-new/2025/09/aws-elastic-beanstalk-ipv6-dual-stack-configuration/

#aws #ipv6

@apalrd They're talking right now about #IPv6 adoption in FInland, if you have the time: https://us02web.zoom.us/j/89148806451?pwd=WGq0wP99Diyu5rf2RrRigengqaZt07.1

"How can we expect to deploy #IPv6 when #IPv4 in schools still rules?" asks Maria Matějka in the Networking Protocols session at #APNIC60. "We need to flip the order".

(citation of APNIC at x)