this post was submitted on 09 Jun 2024
813 points (98.1% liked)
Programmer Humor
You do need to know it when you're working with subnets and routing tables.
Unless you have anything but a flat network structure with everything in one subnet, working with IPv6 is a giant PITA.
I'm curious how you normally deploy, since there are a couple of ways to do it. I've mostly dealt with requesting a number of prefixes from the upstream router and delegating to each subnet/VLAN as appropriate, and each time I've done it, it's been a breeze.
Even if you need static addressing you can just set it manually and DAD will handle it if it ever conflicts with a DHCP address, at least in my experience.
It's when you have to set static routes and such.
For example I have a couple of locations tied together with a Wireguard site-to-site VPN, each with several subnets. I had to write wg config files and set static routes with hardcoded subnets and IP addresses. Writing the wg config files and getting it working was already a bit daunting with IPv4, because I was also wrapping my head around wireguard concepts at the same time. It would have been so much worse to debug with IPv6 unreadable subnet names.
Network ACLs and firewall rules are another thing where you have to work with raw IPv6 addresses. For example: let's say you have a Samba share or proxy server that you only want to be accessible from one specific subnet, you have to use IPv6 addresses. You can't solve that with DNS names.
Anyway my point is: the idea that you can simply avoid IPv6's complexity by using DNS names is just wrong.
Yes. However, I can just avoid using IPv6 by NATing the fuck out of my network lol. Kick that can!
You don't even have to NAT the fuck out of your network. NAT is usually only needed in one place: where your internal network meets the outside world, and it provides a clean separation between the two as well, which I like.
For most internal networks there really are no advantages to moving to IPv6 other than bragging rights.
The more I think about it, the more I find IPv6 a huge overly complicated mistake. For the issue they wanted to solve, worldwide public IP shortage, they could have just added an octet to IPv4 to multiply the number of available addresses by 256 and called it a day. Not every square cm of the planet needs a public IP.
You can subnet it with the exact same rules as IPv4, nothing is changing there.
Replace, for example, 192.168. with fd01::, with digits after this being divided however you like. You might step upon a too basic router that has its own way to assign addresses with no way to change it, but that would not be IPv6's fault.
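
Added example, not part of the thread: the subnet-scoped ACL case and the "same subnetting rules" claim discussed above, worked with Python's standard `ipaddress` module. The site prefixes `192.168.0.0/16` and `fd01::/48`, the per-VLAN sizes (/24 and /64), the VLAN index 10 and the helper names are all constructed assumptions.

```python
import ipaddress

# Constructed site prefixes (assumptions): an IPv4 /16 and an IPv6 ULA /48.
V4_SITE = ipaddress.ip_network("192.168.0.0/16")
V6_SITE = ipaddress.ip_network("fd01::/48")


def nth_subnet(site, new_prefix, index):
    """Return the index-th subnet of length new_prefix inside site.

    Computed arithmetically, so a /48 is never expanded into 65536 /64s.
    The same code path serves IPv4 and IPv6.
    """
    if not site.prefixlen <= new_prefix <= site.max_prefixlen:
        raise ValueError("new_prefix out of range for site")
    if not 0 <= index < (1 << (new_prefix - site.prefixlen)):
        raise ValueError("subnet index out of range")
    step = 1 << (site.max_prefixlen - new_prefix)  # addresses per subnet
    base = int(site.network_address) + index * step
    return ipaddress.ip_network((base, new_prefix))


def build_acl(site, new_prefix, allowed_indexes):
    """Allow-list of subnets, e.g. the VLANs permitted to reach a file share."""
    return [nth_subnet(site, new_prefix, i) for i in allowed_indexes]


def is_allowed(client, acl):
    """True if the client address falls inside any allowed subnet."""
    addr = ipaddress.ip_address(client)
    # Dual-stack listeners may report IPv4 peers as ::ffff:a.b.c.d;
    # unwrap so the IPv4 rule still matches instead of silently failing.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    return any(addr.version == net.version and addr in net for net in acl)


if __name__ == "__main__":
    acl = build_acl(V4_SITE, 24, [10]) + build_acl(V6_SITE, 64, [10])
    print("allowed subnets:", ", ".join(str(n) for n in acl))
    # Constructed sample clients
    for client in ("192.168.10.7", "fd01:0:0:a::15", "fd01:0:0:b::15"):
        print(client, "->", "allow" if is_allowed(client, acl) else "deny")
```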