[ale] IPv6 local devices with a prefix that may change
DJPfulio at jdpfu.com
DJPfulio at jdpfu.com
Sun Nov 6 15:01:30 EST 2022
On 11/6/22 13:57, Alex Carver via Ale wrote:
> So that's part of the problem, right?
>
> Let's say the prefix changes, how do I now access devices that are
> using the old prefix? If I have 50 devices then I have to manually
> change them all every time the prefix changes plus change everywhere
> I use that IP.
>
> With IPv4/NAT I didn't have to worry, they were always the same IP no
> matter what happened outside.
Stop using IP addresses, that's why we have DNS. DNSmasq is a light-enough DNS server for a LAN. If you choose to run BIND, be certain to read all the best practices and assume it will be hacked. The master BIND server doesn't need to run all the time and really shouldn't be handling client queries.
You don't have to manually change them all-the-time. It isn't like devices change LANs all the time. Check out 'ansible' or 'expect' to automate stuff. Heck, if you don't like DNS, one of the first things I did with Ansible was to automate pushing updated /etc/hosts files to systems on the LAN. It is a fairly trivial thing to learn ansible and templates.
You can keep using IPv4 on the LAN too. Is there some mandate for IPv6?
Or are you not disclosing something important about these systems - like you move every week to a new conference and want to setup a LAN there? That's a vastly different problem then worrying about a small business or home LAN setup that changes once every 3-20 yrs.
Back before we had NAT, we'd get a subnet for every device and when we changed providers, we'd spend a Friday night re-IPing all the systems. I handled all the Unix systems. It was "four easy commands" and all the systems were modified - Linux, AIX, HP-UX, Solaris, and BSD. We didn't change our domain on the LAN. We didn't change hostnames. Just IPs. Heck, even tcp-wrappers support domain-based rules, which we used. Same for NIS (this was before NIS+).
>
> On 2022-11-06 10:51, DJPfulio--- via Ale wrote:
>> On 11/6/22 13:39, Alex Carver via Ale wrote:
>>>
>>> The thing I was primarily asking about is how to be robust
>>> against a prefix change in an IPv6 implementation similar to how
>>> IPv4/NAT helps isolate me from my WAN's IP changing assuming that
>>> I don't use NAT because nearly everyone screams about it if you
>>> threaten to use it on an IPv6 system.
>>
>> Isn't this solved by DNS? Leave the hostnames the same, regardless
>> of the LAN. Just change the IP stuff in the DNS ... and on the
>> host, of course.
>>
>> I've been burned by using centralized DHCP reservations, so only
>> use them for devices that are portable or don't support a method to
>> manually configure IPs ON-THE-DEVICE.
More information about the Ale
mailing list