by starfleet_bop 1397 days ago
I thought best practice for IPv6 is to essentially ‘ignore’ IP addresses as each NIC can have multiple addresses + the extended length making it unwieldy. Instead you either use a combination of zeroconf / Bonjour for DNS registration / service discovery + stateless IP address assignment (SLAAC). If you want full control you can use DHCPv6 which can register hosts on a proper DNS service.

Is SLAAC still used? I thought it used EUI-64 assignments which leaks MAC addresses which is supposed to be a problem for some reason.
SLAAC is a core component of IPv6 - it's how a machine determines an address on a subnet without DHCPv6. Basically:

"yoohoo - where am I?"

"You are on 2001:1001:1001:f0d::/64. My name is [ipv6] and I am a router and for some odd reason, I won't tell you where DNS comes from because ... stupid design"

"Cool, I'll fiddle in my drawers and play with my MAC address and create a really long number that starts 2001:etc. I'll also create a few other addresses randomly to hide my private parts (which is a waste of time but looks good - lol)"

No idea what you are on about wrt EUI-64 being tied to SLAAC. Why not have a go at it instead of pontificating?

Having used IPv6 in anger for several years now, it is a bit different but it is actually quite beautiful at times. It does enforce decent DNS and who here has not said "it's DNS"?

I've set up SLAAC before but it's not something I do often. Frankly I'm still on the fence of whether or not v6 was a good idea. Fiddling in the drawers with the MAC address is EUI-64 though, and I was under the impression that the SLAAC "client" doesn't broadcast any kind of discovery message - it just listens to the network to determine the prefix, and then generates the EUI-64 portion as its host address since it should be globally unique as it's based on its MAC address.

Like I said, I don't touch v6 much and I'm pretty surprised at how far we've made it past v4 allocations drying up and everything still seems to work.

You'll be fine for a long time. IPv6 is not quite right but not for the reasons that you'll usually see on HN/Reddit/whatevs.

It does work pretty well already but I put it rather below the significance of say global warming as a thing to really worry about.

Give it a go if you get a prefix from your ISP. It's worth a play.

This sort of thing takes 50+ years to work. You have to think like an Engineer with a lot of time to play with. The internet is everywhere, it doesn't change overnight.

> I thought it used EUI-64 assignments which leaks MAC addresses which is supposed to be a problem for some reason.

You're about a decade (2007) behind the times:

   Nodes use IPv6 stateless address autoconfiguration to generate
   addresses using a combination of locally available information and
   information advertised by routers.  Addresses are formed by combining
   network prefixes with an interface identifier.  On an interface that
   contains an embedded IEEE Identifier, the interface identifier is
   typically derived from it.  On other interface types, the interface
   identifier is generated through other means, for example, via random
   number generation.  This document describes an extension to IPv6
   stateless address autoconfiguration for interfaces whose interface
   identifier is derived from an IEEE identifier.  Use of the extension
   causes nodes to generate global scope addresses from interface
   identifiers that change over time, even in cases where the interface
   contains an embedded IEEE identifier.  Changing the interface
   identifier (and the global scope addresses generated from it) over
   time makes it more difficult for eavesdroppers and other information
   collectors to identify when different addresses used in different
   transactions actually correspond to the same node.
* https://datatracker.ietf.org/doc/html/rfc4941

   This document describes an extension to IPv6 Stateless Address
   Autoconfiguration that causes hosts to generate temporary addresses
   with randomized interface identifiers for each prefix advertised with
   autoconfiguration enabled.  Changing addresses over time limits the
   window of time during which eavesdroppers and other information
   collectors may trivially perform address-based network-activity
   correlation when the same address is employed for multiple
   transactions by the same host.  Additionally, it reduces the window
   of exposure of a host as being accessible via an address that becomes
   revealed as a result of active communication.  This document
   obsoletes RFC 4941.
* https://datatracker.ietf.org/doc/html/rfc8981

* https://en.wikipedia.org/wiki/IPv6_address#Stateless_address...