The question above for the most part, been reading up on it. Also want to do it for learning purposes.

  • duncesplayed@lemmy.one
    1 year ago

    (Whoops, accidentally hit “Delete” instead of “Edit” and Lemmy doesn’t ask for confirmation!! Boo!! I’ll try to retype my comment as best I can remember)

    I’ll buck the trend here and say “Yes, for a home LAN, it’s absolutely worth it. In fact for a home LAN it is more important than in a data centre. It is absolutely the bees’ knees for home and is worth doing.”

    All of that depends on how your ISP does things. When I did it, I got a /56, which is sensible and I think fairly common. If your ISP gives you anything smaller than a /64, (a) your ISP is run by doofuses, but (b) it’s going to be a pain and might not be worth it. (I now live in literally one of the worst countries in the world for IPv6 adoption, so I can’t do it any more)

    The big benefit to it is that you can have your servers (if you want them to be) publicly reachable with one unique address, the way the Internet was originally designed to work. This means you can use exactly the same address to reach them outside the network as you would inside the network. Just make one AAAA for them and you can get to it from anywhere in the world (except my country).

    When I did it, I actually just set up 2 /64s, so a /63 would have been sufficient (but a /56 is nice). Maybe you can think of more creative ways of setting up your networks. Network configuration is a lot of fun (I think).

    I had 1 /64 for statically-assigned publicly-reachable servers. Then I had a separate /64 for SLAAC (dynamic) end-user devices, which were not publicly reachable (firewalled to act essentially like a NAT). (Sidenote: if you do go to IPv6 for your home network, look into RFC 7217 for privacy reasons. I think it’s probably turned on by default for Windows, Android, iOS, etc., these days, but it’s worth double-checking)

    • festus@lemmy.ca
      1 year ago

      Sigh… not an ISP, but the service I rent my server from only provides me with a /128. Yes that’s right, exactly one IPv6 address and not one more.

    • iwasgodonce@lemmy.world
      1 year ago

      Not having to deal with split-horizon DNS or NAT hairpinning is pretty nice, especially with so many things using DoH with public resolvers nowadays, like Android or Firefox.

      I just put A and AAAA in public DNS so things work either IPv4 or IPv6 on the outside. On the inside everything works on and prefers IPv6 so it just works on the inside too. Nothing ever even attempts to use the wrong (public) A record on the inside.

      • duncesplayed@lemmy.one
        1 year ago

        That’s less fun. I believe you’ve either got to put everything on one SLAAC network (no static IPs), or you’ve got to use DHCPv6 (with a smaller network size) instead of SLAAC.

        • orangeboats@lemmy.world
          1 year ago

          Right, everything is on SLAAC. My ISP only delegates /48 ~ /56 to business customers (according to their customer service).

          Thankfully, RFC 7217 made SLAAC-only networks sufferable - you don’t have to expose your MAC address to the entire world for stable addressing.
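
The RFC 7217 point raised in the thread, as an added example that is not part of any commenter's post: it compares the classic EUI-64 SLAAC interface identifier, which embeds the MAC in every address, with an RFC 7217-style identifier that is stable per prefix but does not take the MAC as input. The MAC, secret, interface name and prefixes are constructed sample values, and using HMAC-SHA256 as the function F with length-prefixed fields is an assumption of this sketch.

```python
import hashlib
import hmac
import ipaddress

MAC = "00:00:5e:00:53:2a"            # constructed; RFC 7042 documentation range
SECRET = b"constructed-demo-secret"  # constructed; a real host uses a random per-host key
NETS = ["2001:db8:0:1::/64", "2001:db8:0:2::/64"]  # documentation prefixes

def eui64_iid(mac: str) -> int:
    """Classic SLAAC: modified EUI-64 interface ID with the MAC embedded."""
    b = bytearray(int(x, 16) for x in mac.split(":"))
    b[0] ^= 0x02  # invert the universal/local bit
    return int.from_bytes(bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:]), "big")

def is_reserved(iid: int) -> bool:
    """RFC 5453 reserved IIDs: subnet-router anycast and the top anycast range."""
    return iid == 0 or 0xFDFFFFFFFFFFFF80 <= iid <= 0xFDFFFFFFFFFFFFFF

def rfc7217_iid(prefix: str, iface: str, secret: bytes,
                network_id: bytes = b"", dad_counter: int = 0) -> int:
    """RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key).
    F is HMAC-SHA256 here (an assumption; the RFC only requires a PRF)."""
    net = ipaddress.IPv6Network(prefix)
    while True:
        fields = (net.network_address.packed, iface.encode(),
                  network_id, dad_counter.to_bytes(4, "big"))
        # Length-prefix each field so the concatenation is unambiguous.
        msg = b"".join(len(f).to_bytes(2, "big") + f for f in fields)
        rid = hmac.new(secret, msg, hashlib.sha256).digest()
        iid = int.from_bytes(rid[-8:], "big")  # low-order 64 bits of RID
        if not is_reserved(iid):
            return iid
        dad_counter += 1  # reserved value (or, on a real host, a DAD conflict): retry

def address(prefix: str, iid: int) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix)
    return ipaddress.IPv6Address(int(net.network_address) | iid)

if __name__ == "__main__":
    for p in NETS:
        print(p, "EUI-64  ", address(p, eui64_iid(MAC)))
        print(p, "RFC 7217", address(p, rfc7217_iid(p, "eth0", SECRET)))
```

The EUI-64 suffix is identical on both prefixes and can be reversed to the MAC, while the RFC 7217 suffix changes per prefix yet stays the same each time the host rejoins that prefix.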