Search results for tag #ipv6
![[?]](https://ipv6.social/system/accounts/avatars/109/264/914/124/733/601/original/d445ad99089fb700.jpg)
![[?]](https://media.troet.cafe/troet.cafe/accounts/avatars/111/922/967/390/191/729/original/292ac285a6376891.jpeg)
Ok, dann ist sie vielleicht schlecht. Aber: ICh halte sie trotzdem für unumgänglich. Schließlich wird es in der Zukunft immer einzelne Emailanbieter geben, die sich gegen #ipv6 sperren - und die dann auf möglichst geordnete Weise aussortiert werden müssen.
Die Alternative wäre in meinen Augen nur, dass man #IPv4 auf Dauer weiterlaufen lässt, und das ist keine Option.
Damit wäre für mich eigentlich nur noch der Zeitplan debattierbar.
GMX hat das Problem ja auch. Ich hab versucht, mit denen mal zu reden.
Die meinen, #IPv6 würde „zu gegebener Zeit“ kommen.
Ich frage mich, wann das sein soll.
Vielleicht warten die darauf, dass der Gesetzgeber einen Termin für den Sankt-Nimmerleins-Tag festlegt.
Mein Gedanke war jetzt: Wenn es genügend viele Onlineportale gibt, die diesen Weg gehen, dann müssten DTAG, UI und andere IPv6-Verweigerer doch irgendwann umdenken.
Bei der Gelegenheit sollte man dann auch gleich noch kontrollieren, ob 1) der DNS-Server der Emailadresse per IPv6 auflösbar ist und 2) ob man den MX per #IPv6 erreichen kann.
Wenn das nicht der Fall ist, sollte man die Eintragung der Emailadresse in den Kunden-/Benutzer-/Mitgliederstamm verweigern. AUf die Weise könnte man IPv6-verweigernde Emailprovider nach und nach aussortieren. #Ipv6only
Nur mal so als Idee am Rande.
IPv6 in 2025 – The Freedom of Address Space
.... NAT ..... And it should be acknowledged these worked wonderfully well – buying us not just a couple of years, but a couple of decades. But it’s time to abandon this constraint mentality and embrace the freedom that 2^128 provides.
https://blogs.cisco.com/industries/ipv6-in-2025-the-freedom-of-address-space
![[?]](https://cdn.masto.host/sockvetch/accounts/avatars/107/900/028/224/671/633/original/15b45262865026a0.png)
![[?]](https://toot.berlin/system/accounts/avatars/000/008/188/original/22fc086a2add8bb0.png)
IPv6 crowd is gonna hate this, but after trying a lot of things now, the solution to getting per-client block settings using AdGuard Home for Android devices seems to be:
Disabling IPv6
🤷
https://github.com/AdguardTeam/AdGuardHome/issues/7771
But doesn't seem that big of an impact, because nginx proxy manager also doesn't handle IPv6
https://github.com/NginxProxyManager/nginx-proxy-manager/issues/1671
![[?]](https://cdn.tenforward.social/accounts/avatars/113/478/419/701/443/766/original/67e87677e8793fa1.png)
Any #hamradio folk want to try hacking AllStarLink to work over #IPv6 ?
In /etc/asterisk/iax.conf under [general] add a line:
bindaddr = [::]
I've successfully used DVSwitch Mobile with my node in this config.
Now for the untested part. I think if you add an entry for my node in rpt.conf as
1601 = [email protected]/47201,NONE
then you should be able to connect over IPv6. (Replace the 1601 with any number 1000-1999 you aren't using.)
I tried to use [::1] for a private node which didn't work, but ip6-localhost did, so it would seem as long as DNS resolves this should work.
![[?]](https://gyptazy.com/fedi/gyptazy/s/avatar-1aa83a84ee47c864bc90216a89d0efcf.png){kind=avatar}
#sylve #freebsd #jail #jails #bhyve #vm #virtualization #manager #ipv6 #zfs #opensource #runbsd #blog #devops #go #golang #cluster #freebsdcluster #bhyvecluster
https://gyptazy.com/blog/sylve-a-proxmox-alike-webui-for-bhyve-on-freebsd/
Amazon CloudFront now supports IPv6 origins for end-to-end IPv6 delivery
by Sagar Desarda and Ravi Avula on 03 SEP 2025
![[?]](https://ipv6.social/system/accounts/avatars/113/736/943/907/071/758/original/ddf07928182b3bda.jpeg)
"Accelerate your IPv6 journey: Introducing DNS64 and NAT64 for the Cross-Cloud Network"
![[?]](https://media.burningboard.net/accounts/avatars/109/892/422/024/311/931/original/f22e604f554272c0.png)
Finally migrated my Gateway to OPNsense (of course with IPv6!), running on a FreeBSD server in bhyve (with PCIe passthrough for the Intel NICs)
One interface (vtnet0) is bridged to a VM Switch on the BSD server, to route traffic to other VMs and Jails 🙂
Running smooooth and gives me so much more insight and options than the old Unifi hardware, I used before.
Also my WiFi (also new) is now absolutely amazing:
❯ iw dev wlp2s0 info
Interface wlp2s0
ifindex 3
wdev 0x1
addr 82:20:1e:70:67:42
ssid M56-Home
type managed
wiphy 0
channel 69 (6295 MHz), width: 160 MHz, center1: 6345 MHz
txpower 16.00 dBm
Basically saturates the 1Gbps link entirely :)
#freebsd #opnsense #ipv6 #networking #bhyve #wifi
![[?]](https://content.federation.network/f/1816f184-e49d-4086-9d31-8dcb83d0aaf4.png)
I've added more than 150 domains of the German Federal Government as an #IPv6 campaign to whynoipv6 and it's currently the second worst of all monitored campaigns 🙌
https://whynoipv6.com/campaign
None of the sites hosted by @[email protected] seem to be IPv6 ready at all.
@bkuhn @paulv That is a question I've been dealing with in some form for the last 15 years. Is it a "drop everything and do this now" priority? No, as you state, your org's primary objectives have to come first. What it does mean, however, is this is another item in your checklist. When contracts come up for renewal, or new contracts are being drawn up, make sure the vendor is providing #IPv6 capabilities. When the technology is up for a refresh, make sure the IPv6 is there.
As it stands at this exact moment, there is probably no one that would be unable to reach that website being on IPv4 only. There exist plenty of transition technologies to allow new modern networks to reach resources on the legacy network. But I emphasize: transition. We don't get to the new by relying on bridges to the old.
Ideally, neither of us should have to be fighting as hard as we are for the things we are. But we see the better world that's possible, so we keep fighting. Thankfully we're doing it together.
@bkuhn Can you make GiveUpGithub.org reachable over #IPv6 ?
One of the factors that gave rise to Open Source as we know it today was the ability to put new projects directly onto the Internet from whatever workstation or small closet server we happened to have access to. With the bulk of the legacy IPv4 space having been gobbled up by the large players, the only option to keep that ability alive is to ensure that IPv6 gets deployed everywhere.
boosted![[?]](https://friendica.sokoll.com/photo/profile/rainer.jpeg?ts=1735744636)
Mir fliegt ziemlich exakt alle 20 Minuten das v6 weg bei Netcup, ein flush auf die Input-Chain plus neuladen des Regelsatzes hilft dann (für 20 Minuten). Ich habe RA in Verdacht.
Wenn ich sämtliches v6 in der Input-Chain gestatte, gibt es keine Ausfälle.
Wenn ich nur diese gestatte:
- destination unreachable (1)
- echo request (128)
- neighbor advertisement (136)
- neighbor solicitation (135)
- packet too big (2)
- parameter problem (4)
- redirect (137)
- router advertisement (134)
- router solicitation (133)
dann knallt es wieder nach 20 Minuten. Was könnte mir fe len? Oder ist es unbedenklich, einfach alles anzunehmen?
![[?]](https://cdn.masto.host/socialwildeboernet/accounts/avatars/000/000/001/original/9a6cd2c178711b76.jpeg)
Just installed #crowdsec on my new VPS (Virtual Private Server) and happily noticed that all my 3 servers prefer #IPv6 to talk to crowdsec :)
How to install crowdsec on a RHEL10 (Red Hat Enterprise Linux) machine? Glad you ask! https://codeberg.org/jwildeboer/gists/src/branch/main/2025/20250830CrowdSec.md
Does it work? Well, yes, in my opinion. 55k IP addresses blocked right now. On a VPS with 2GB RAM, no real performance impact.
Alt...
List of my 3 public servers that use crowdsec to feed their respective firewalls. All 3 use IPv6 to communicate with the central API.
Alt...
Local API Decisions
Reason │ Origin │ Action │ Count │
ssh:bruteforce │ CAPI │ ban │ 1824 │
crowdsecurity/http-bad-user-agent │ crowdsec │ ban │ 1 │
crowdsecurity/postfix-non-smtp-command │ crowdsec │ ban │ 1 │
free_proxies │ lists │ ban │ 25189 │
generic:scan │ CAPI │ ban │ 1117 │
http:crawl │ CAPI │ ban │ 22 │
pop3/imap:bruteforce │ CAPI │ ban │ 775 │
smtp:spam │ CAPI │ ban │ 49 │
SMTP bruteforce │ cscli │ ban │ 80 │
Spam │ cscli │ ban │ 9 │
firehol_botscout_7d │ lists │ ban │ 3228 │
http:exploit │ CAPI │ ban │ 10712 │
http:scan │ CAPI │ ban │ 3075 │
SASL bruteforce │ cscli │ ban │ 973 │
firehol_greensnow │ lists │ ban │ 7953 │
boostedNew blog post: "IPv6 at home — my simple solution" A very minimal, pragmatic solution so I can start working with IPv6 in my network at home — even without an internet connection. Experts might get a bit irritated and I hope you can channel your wisdom in friendly replies to this post so we can all learn and become better at IPv6, help a n00b!
Replies to this post will show up as comment under the blog post.
RDS Data API now supports IPv6
Posted on: Aug 29, 2025
https://aws.amazon.com/about-aws/whats-new/2025/08/rds-data-api-ipv6/
![[?]](https://media.infosec.space/infosec-space/accounts/avatars/111/903/301/848/665/104/original/92fdee3f80aa1325.png)
@jwildeboer I wish I could get #IPv6 but my #ISP is so incompetentband unwilling to provide details (despite being obligated to do so by law), but given they have absurdly high latency for uplink and downlink (despite being DOCSIS) I am convinced they have some serious peering issues...
Creative use of the Match rule in ssh, part 2. At home my machines now all have IPv6 addresses in my private ULA (Unique Local Address) range.
So I can check if I am at home with a simple `ping6` and if yes, connect directly via IPv6. If not, I go through port forwarding on my bastion host with IPv4.
No matter where I am, `ssh homepi` should JustWork™ :)
(I obviously changed some bits here and there to avoid you trying to hack into my network :)
Alt...
Match originalhost homepi exec "timeout 0.1 ping6 -c1 fdda:a4da:69a5:0:4b9e:d2a6:d62:a3"
HostName fdda:a4da:69a5:0:4b9e:d2a6:d62:a3
Port 22
Host homepi
HostName hga12.dynd.ns
User root
Port 2341
Yes, NAT66 exists. It's also an abomination. It should not be used, especially to work around a provider's faulty implementation. Make noise! Make them fix it! Otherwise there won't be any impetus for those who come along behind to do it right either.
Watching the premier of the Python documentary ( https://www.youtube.com/watch?v=GfH4QL4VqJ0 ). Reminded how the Python 2 -> 3 transition has a lot of parallels to the IPv4 -> #IPv6 transition.
![[?]](https://media.bsd.cafe/bsdmmedia01/accounts/avatars/112/228/761/649/521/436/original/845b520185b335ee.jpg)
⚠️ News/Changes:
BoxyBSD will bring in a feature for more advanced users for our free boxes. Instead of only selecting a set of pre-defined BSD based images, you'll soon also be able to create your install simply from scratch with full remote access to your box. This lets you perform custom installations of #FreeBSD, #NetBSD, #OpenBSD, #DragonflyBSD, #MidnightBSD but also of some other niche systems like #illumos
Unfortunately, this might still take some time and fully relies on the spare time of @gyptazy.
#freeVPS #VPS #BSD #Box #BoxyBSD #gyptazy #opensource #education #community #foss #runbsd #hosting #freehosting #learning #ipv6
AWS App Runner expands support for IPv6 compatibility
Posted on: Aug 27, 2025
https://aws.amazon.com/about-aws/whats-new/2025/08/aws-app-runner-expands-support-ipv6/
![[?]](https://assets.chaos.social/accounts/avatars/000/138/092/original/9327a2c04863b1ef.png)
#ItsAlwaysDNS Finally learning IPv6, a thing I tried to avoid for the longest time. All my servers are reachable via IPv6, I know how to do that, but now I am learning to set up IPv6 in my home(lab) network and wrapping my head around concepts like ULAs (Unique Local Addresses, that don't route to/from the internet), prefixes I get from my ISP and how all of that translates to DNS entries on my BIND9. Mistakes will be made.
1/4
OK. Step 1 done. My homelab machines get ULAs and I have added AAAA records to my DNS. So this already works :) Ping and ssh via IPv6 with hostname resolution via my own DNS server. Now to add reverse lookup.
Unfinished brain dump at https://codeberg.org/jwildeboer/gists/src/branch/main/2025/20250827BasicIPv6Unfinished.md
Corrections and enhancements welcome! I'm a noob wrt IPv6 ...
3/4
Alt...
cat /var/named/forward.homelab.jhw
$TTL 3600
@ IN SOA inf01.homelab.jhw. root.homelab.jhw. (
2025082705 ;Serial
3600 ;Refresh
1800 ;Retry
604800 ;Expire
86400 ;Minimum TTL
)
@ IN NS inf01.homelab.jhw.
@ IN A 192.168.1.10
inf01 IN A 192.168.1.10
inf01 IN AAAA fdda:a4da:69a5:0:2783:8c26:b2f1:a6f7
hl01 IN A 192.168.1.11
hl01 IN AAAA fdda:a4da:69a5:0:6e4b:90ff:fe75:3a73
hl02 IN A 192.168.1.12
hl02 IN AAAA fdda:a4da:69a5:0:6e4b:90ff:fe21:c3f5
hl03 IN A 192.168.1.13
hl03 IN AAAA fdda:a4da:69a5:0:6e4b:90ff:fe21:ca06
ca IN CNAME inf01.homelab.jhw.
Alt...
% ping6 -c 2 hl01.homelab.jhw
PING6(56=40+8+8 bytes) fdda:a4da:69a5:0:1c38:385f:940:d721 --> fdda:a4da:69a5:0:6e4b:90ff:fe75:3a73
16 bytes from fdda:a4da:69a5:0:6e4b:90ff:fe75:3a73, icmp_seq=0 hlim=255 time=16.264 ms
16 bytes from fdda:a4da:69a5:0:6e4b:90ff:fe75:3a73, icmp_seq=1 hlim=255 time=9.203 ms
--- hl01.homelab.jhw ping6 statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 9.203/12.733/16.264/3.531 ms
% ssh -6 [email protected]
Web console: https://hl01.homelab.jhw:9090/ or https://192.168.1.11:9090/
Last login: Wed Aug 27 21:20:42 2025 from 217.237.90.172
root@hl01:~# who
root pts/0 2025-08-27 21:29 (fdda:a4da:69a5:0:1c38:385f:940:d721)
root@hl01:~#