Unfortunately, going IPv6 only is a pain since so much stuff is still reliant on IPv4.
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Can you elaborate? Hardware or software or both? Other than one network appliance, most of my stuff isn't too old.
Now that I start thinking about it, my work stuff may be impacted.
Many websites are still IPv4 only, so you won't be able to access them unless you set up a NAT64 gateway. Some stuff won't work over NAT64 though.
Most recent hardware should support IPv6, but a lot of IoT devices still don't. You can put any IoT devices on their own IPv4 network since it's a security risk to have them on your main network though.
When troubleshooting some network shares and other issues the remedy was disable ipv6 lol. i'm not familiar with ipv6 enough to know the pros other than more IP addresses available, but since its all on mu LAN i have no need for ipv6
For your internal LAN there aren't really any pros.
The beauty of your homelab is that you can try and break things, learn something from it and try something else.
Are you binding services to specific addresses? Normally if you bind your service to :: it will receive IPv4 connections using ::ffff:x.x.x.x addresses.
I was not binding to specific adresses, but was probably a problem with a specific release of Java (Oracle Java maybe.) My distro's Java was doing weird video things, but the Oracle version was not, but then it could not reach outside the local computer. Debugging logs showed that it tried IPv6 and failed, then quit trying instead of falling back to IPv4. Disabling IPv6 in the Java JRE configuration solved the issue, but set me on the path to "modernize" my network stack. In hindsight, it's probably not something that I really have the time to take on right now.
Trying IPv6 and failing is normal. Modern software that supports both is supposed to try both, but sometimes people mess it up…
In general, if you write code that connects to another computer over the network, you want to be connecting to a string, not an IP address. If you write something like connect("lemmy.world", 443)
, it should connect over either IPv6 or IPv4. However, if you write something like connect(getHostByName("lemmy.world"), 443)
, that usually will return a single IP address and if that address doesn't work then the connection fails.
The Java documentation says it should just work "if everything has been done appropriately." https://docs.oracle.com/javase/8/docs/technotes/guides/net/ipv6_guide/
Acronyms, initialisms, abbreviations, contractions, and other phrases which expand to something larger, that I've seen in this thread:
Fewer Letters | More Letters |
---|---|
DNS | Domain Name Service/System |
IP | Internet Protocol |
IoT | Internet of Things for device controllers |
NAT | Network Address Translation |
PiHole | Network-wide ad-blocker (DNS sinkhole) |
5 acronyms in this thread; the most compressed thread commented on today has 11 acronyms.
[Thread #110 for this sub, first seen 6th Sep 2023, 04:55] [FAQ] [Full list] [Contact] [Source code]
As someone mentioned above, there are some soho devices I have run into that plainly just won’t work with IPv6 even though they claim to and will pull a lease. One or two I have seen just seem to stop working simply by having v6 enabled. Hours of troubleshooting. Its worth making sure someone in internet-land at least claims v6 works on any persistently trouble some devices.
I'm trying to be progressive, but after thinking outside of my little network and reading the posts here, it seems like there's still a long way to go before I should consider it. I don't have a split network at home and it would potentially affect everyone in the house. Additionally, I don't have serious needs for production-grade network equipment, so the chancs of that cheap usb-to-ethernet adapter with more Chinese characters than English in the instruction sheet has a high probability of biting me.
This was sort of a wild hare thought of disabling IPv4 vs disabling IPv6 to solve a problem that's more of an inconvenience. I am probably not ready for this undertaking. Maybe I'll revisit it when I get around to partitioning my network.
Yes. I just feed it off the /60 my isp gives. Me and I just use my router to segregate the rest. Gotta love Mikrotik. It's alot easier without dealing with NAT but the ip space calculations need a bit more though
I went IPv6-only for everything internal. The only thing that's dual stack is the wireguard server running on the gateway. I haven't run into any issues, mostly because my Linux distro's package repository has many IPv6-compatible mirrors (enabled by default). For anything not in the distro's repos, I build from source and package them up into RPMs myself, so as a side-effect, I don't have to deal with eg. Github not supporting IPv6.
Even things with generally crappy firmware, like the APC UPS management card, Supermicro & ASRock IPMI management interfaces, etc. have worked fine in an IPv6-only setup for me.
I avoid ipv6 as much as possible.
Why?
It fucking sucks. I’ve been hearing about it for twenty plus years and it’s caused me more problems than it’s solved. Comcast DNS routinely breaks connecting to niche sites like Microsoft 365 😑. Its overly complicated and easier to screw up. If turning off IPv6 would stop solving more problems maybe I’d give it a better go, but as it stands it’s like the USB-c standard of a clusterfuck of poor design and implementation in practice.
I'm sorry you've had a poor experience, but I've had nothing but smooth sailing since my ISP gave me a /64. I had to re-learn most of what I knew and unlearn a few bad v4 habits, but v6 has solved issues that I was tired of dealing with. I can't imagine what you're doing to think it's more complicated and easier to screw up than v4.
And that is the biggest problem it is different then ipv4 and you have to learn new stuff. My worst was up keeps changing the prefix so I had to find out how to write an allow rule that ignored the prefix and only allowed the end but since they always stayed the same.
What do you mean up keeps changing the prefix?
If DNS wouldn’t constantly break I’d be more open to learning. Right now what’s the point?
Lets say you have a bunch of self hosted servers. How are you tracking their ips on ipv6? Are you able to type the ip off the top of your head? I feel like its very simple with ipv4.
Use the names. I connect to my self hosted services all the time over ipv6 using DNS. Still use ipv4 to ssh though as my prefix changes alot,sometimes multiple times a day.
How are you tracking their ips on ipv6?
Are you able to type the ip off the top of your head?
I write them down, just as I do v4. I don't type v4 off the top of my head any more than I do v6- but even if I did, I'd only have to really memorize the prefix because that's all universal across my whole network. For example, look at this that I ripped from my documentation:
== PROXMOX CONTAINERS & VIRTUAL MACHINES ======================
C:TorRelay - 192.168.78.160 / 2a05:f6c7:8039::12ad
C:Gonic - 192.168.78.161 / 2a05:f6c7:8039::1255
C:Wireguard - 192.168.78.162 / 2a05:f6c7:8039::1666
V:ADS-B - 192.168.78.163 / NA
C:Apache - 192.168.78.164 / 2a05:f6c7:8039::1337
C:Backups - 192.168.78.165 / 2a05:f6c7:8039::0107
C:PiHole - 192.168.78.166 / 2a05:f6c7:8039::1811
C:NetworkFun - 192.168.78.167 / 2a05:f6c7:8039::1192
C:MovieSync - 192.168.78.168 / 2a05:f6c7:8039::2356
C:Owncast - 192.168.78.170 / 2a05:f6c7:8039::1368
Do you see the pattern? I could have made it even simpler. I could've made the last quartet of the v6 address the same as the last octet of the v4 address, but I didn't think of it at the time. I've memorized more credit cards than I have IP addresses in total, which you will surely agree are more complex, so I'm not worried about when the time comes to drop v4 and its time to memorize v6. It will come naturally with use, as the credit cards have
In practice, I've found, that it is simply not a problem. If I don't know the last quartet off the top of my head, I won't know the last octet either so I have to look it up anyway. All my network documentation is available with a simple curl command. If I do know the last quartet but not the prefix, I could type 'ip a' and find the prefix right there.
Having used Azure for a few years now I feel like that might not be entirely on Comcast.
Maybe, but I have yet to see another home ISP with the same problem.