My problem with IPv6 is that my ISP (Xfinity) won't give me a static prefix, so every now and again it changes.
Unlike IPv4, my LAN addresses include the prefix, so every time they change it, all my LAN addresses change.
Combined with the lack of DHCP6 support in many devices, this means reverse DNS lookups from IP to hostname can't be done, making identifying devices by their IP essentially impossible.
I think you’re conflating multiple things there. There’s nothing magical about IPv4 that gives your LAN addresses stability when your ISP changes your IP prefix. That’s provided by your router doing network address translation. You send a packet from your address which is 192.168.0.42 (a local address), and your router changes the bytes in the packet so that it comes from X.Y.Z.W (your router’s public address). If you really wanted it to, your router could do the same thing for IPv6.
IPv6 also has local addresses, but a lot more of them. Anything starting with fd00::/8 is a local address with 40 bits available as the network number. So you can set up your local network with the prefix fdXX:XXXX:XXXX::/48 (where the Xs are chosen randomly) as the prefix and still have 16 bits left over for different subnets if you want. These addresses do not change when your ISP changes your public prefix.
And if you want to add reverse dns for SLAAC addresses then just have your router listen for ICMPv6 Neighbor Announcement addresses and use them to update your DNS server as appropriate. Or configure your servers to use stable addresses based on their MAC address rather than random addresses (which are better for privacy), and then just configure the DNS as you add and remove servers.
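An added example, not part of the thread: a sketch of the ULA plan described in the comment above, using only Python's standard library. It picks a random 40-bit network number under fd00::/8, carves out one /64, derives a MAC-based stable address, and prints the matching PTR record. The function names, the sample MAC and the hostname are constructed for illustration, and modified EUI-64 is assumed as the MAC-based scheme since the comment does not name one.

```python
import ipaddress
import secrets

def random_ula_prefix(global_id=None):
    """Return an fdXX:XXXX:XXXX::/48 network; the 40-bit global ID is random by default."""
    if global_id is None:
        global_id = secrets.randbits(40)
    if not 0 <= global_id < 1 << 40:
        raise ValueError("global ID must fit in 40 bits")
    base = (0xFD << 120) | (global_id << 80)
    return ipaddress.IPv6Network((base, 48))

def subnet(prefix48, subnet_id):
    """Select one of the 65536 /64 subnets left over inside the /48."""
    if prefix48.prefixlen != 48 or not 0 <= subnet_id < 1 << 16:
        raise ValueError("need a /48 and a 16-bit subnet ID")
    return ipaddress.IPv6Network((int(prefix48.network_address) | (subnet_id << 64), 64))

def eui64_interface_id(mac):
    """Modified EUI-64: flip the universal/local bit and insert ff:fe in the middle."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC address must be 6 octets")
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")

def stable_address(net64, mac):
    """Address that stays the same as long as the ULA prefix and the MAC do."""
    return ipaddress.IPv6Address(int(net64.network_address) | eui64_interface_id(mac))

def ptr_record(addr, hostname):
    """Zone-file line for the reverse (ip6.arpa) lookup of addr."""
    return f"{addr.reverse_pointer}. IN PTR {hostname}."

if __name__ == "__main__":
    prefix = random_ula_prefix()            # generate once, then keep it
    lan = subnet(prefix, 1)
    addr = stable_address(lan, "00:11:22:33:44:55")   # constructed sample MAC
    print(prefix, lan, addr, sep="\n")
    print(ptr_record(addr, "printer.home.arpa"))      # constructed hostname
```

Generate the prefix once and store it in the router configuration; the ISP-delegated prefix can then change without touching these addresses or their PTR records.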
Keep in mind the WAN AND LAN preferences associated.
what servers?
The things on your LAN that you're connecting to via DNS and IP, which cause the desire to have stable LAN IPs in the first place.
That's what DNS is for... to not need to remember or know numerical addresses.
And DNS is easier to set up if the IP doesn't change constantly.
This conversation is going in circles.
If you're doing your DNS properly it's not really that difficult. If you're statically defining all your DNS you're doing it wrong.
Okay, how do I properly set DNS so it tracks the changing public addresses of my desktop and printer? And I'd better still be able to use SLAAC.
You register addresses based on Router/Neighbor Advertisements in NDP. In your RA, you'd point it to your DNS server, which would then handle registration when hosts check in with their new IP addresses.
Which dns server supports this kind of dynamic dns in practice?
Wow look, DNS has the solutions!
How, exactly, pray tell, is "properly"?
> Unlike IPv4, my LAN addresses include the prefix, so every time they change it, all my LAN addresses change.
Yes, a topic of active discussion at the IETF. See perhaps BCP RFC 9096, "Improving the Reaction of Customer Edge Routers to IPv6 Renumbering Events":
* https://datatracker.ietf.org/doc/html/rfc9096
And informational RFC 8978, "Reaction of IPv6 Stateless Address Autoconfiguration (SLAAC) to Flash-Renumbering Events":
* https://datatracker.ietf.org/doc/html/rfc8978
A few drafts, like "Improving the Robustness of Stateless Address Autoconfiguration (SLAAC) to Flash Renumbering Events":
* https://datatracker.ietf.org/doc/html/draft-ietf-6man-slaac-...
Using ULA seems to be what a lot of folks recommend:
* https://en.wikipedia.org/wiki/Unique_local_address
you should advertise a local prefix (anything in fd00::/8) in your network and it should just work. no need to use the isp-provided prefix for lan.
There are some address source selection problems if you're still using any ipv4 for the local services https://blog.ipspace.net/2022/05/ipv6-ula-made-useless/
Are those problems? If either addressing method works and is reachable, who cares which one ends up getting used first?
For IPv6, multiple addresses on an interface is the norm: an interface has both a public address from your ISP (replacing IPv4 NAT) and a unique local address (replacing stable IPv4 RFC 1918 LAN addresses).
My ISP will route as many /64s to me as I want (I think I get a /48 by default, I guess if I want more than 64k subnets I’d have to justify it)
So I don’t have the changing ip issue. I do however have an issue if I want to change ISP as it’s a whole mess of rules to update rather than a couple of dns entries and two dst nat rules (one per public IP)
I believe the idea in v6 is you have multiple prefixes on the same network - including a local fc00::/7 one for local services. Layers and layers of things to break.
Odd.
Using OpenWrt, which pretty much all home routers are built on, all I have to do is tell my router which offset to give my subnets from the prefix and it does the rest.
Both for subdividing up the prefix from the ISP and my ULA prefix I use for internal devices.
I have changed ISPs I think 3 times with no ill effects. Plus it works when my ISP occasionally gives me a new prefix.
The only tweaking I had to do was when I went from an ISP that gave me a /48 to one that only gave me a /56. I had been greedy and was handing a /56 to my internal router. I changed that to a /60 and updated its expectations about which subnets it could hand out and all was good.
But I expect two layers of home routers without NAT is a bit of an exception.
Use a ULA (unique local address) for everything internal that you want shorter. It's just like rfc1918 addresses except you don't need NAT.
Well... that's because with IPv6 you're not technically on a LAN; everything is exposed by default unless you set it all up differently.
Nope, you're on a LAN, and usually the router has a firewall that blocks inbound connections by default. Some OSs (like Windows) also have their own by-default firewalls that block connections from hosts on different networks out of the box.
Is reverse dns even a thing outside of irc and forgetting to give command line tools the "don’t be slow" flag?
If you run a traceroute with DNS on, that is referencing DNS PTR records of those IP addresses.
(same for ping)