Comment by sliken

5 days ago

Do you have a static IPv4, presumably a single IP?

I find it useful, mine does change periodically, but I just have a script that Updates DNS when it changes:

   nsupdate -v -y "${KEY_ALGO}:${KEY_NAME}:${KEY_SECRET}" <<EOF
   server $DNS_SERVER
   zone $ZONE 
   update delete $RECORD AAAA
   update add $RECORD 300 AAAA $CURRENT_IP
   show
   send
   EOF

Sure some services might notice for a bit, but it's plenty good for me.

7 comments

sliken

przmk 5 days ago

I don't have a static IPv4 address and I have to use a DDNS built into the Caddy plugin on my OPNSense router. From what I understand, you can't get a static "local" (I know, IPv6 has no direct equivalent) address to use for a reverse proxy — at least not in an easy manner. I might be completely wrong but that's why I don't bother with IPv6.

kstrauser 5 days ago
You’re looking for a Unique Local Address there. It’s a non-externally-routable address that you can use for internal connections.
https://en.wikipedia.org/wiki/Unique_local_address
- simoncion 5 days ago
  
  Yep. ULA addresses are the equivalent of 10.0.0.0/8, 192.168.0.0/24, and 172.16.0.0/12 space. [0] And you can use them to do NAT, just like with IPv4.
  The huge difference from the IPv4 world is that the procedure for generating your /48 ULA prefix ensures that it's very, very unlikely that you will get the same prefix as anyone else. So, if everyone follows the procedure, pretty much noone has to worry about colliding with anyone else's network.
  Following the procedure has benefits. For example, VPN providers who want to use IPv6 NAT can do that without interfering with the LAN addressing of the host they're deployed to... companies that merge their networking infrastructure together can spend far less (or even zero) time on internal network renumbering... [1] etc, etc, etc.
  [0] And link-local addresses are the equivalent of 169.254.0.0/16 space.
  [1] Seriously, like a year after one BigCo merger I was subject to, IT had still not fully merged together the two company's networks, and was still in the process of relocating or decommissioning internal systems in order to deal with IPv4 address space constraints. Had they both used ULA everywhere it was possible to do so, they could have immediately gotten into the infosec compliance and cost-cutting part of the network merging, rather than still being mired in the technical and political headaches forced upon them by grossly insufficient address space.
  
  2 replies →
- immibis 5 days ago
  
  Note that although the policy is that you choose a random prefix, nothing actually enforces this and nothing stops you using fd00::1, fd00::2, etc just like 10.0.0.1 etc.

magicalhippo 5 days ago

I technically have a dynamic IPv4 address from my ISP. I've had the same for five years now, across multiple power outages.

I also have a dynamic IPv6 prefix. That one changes at least once a week, regardless.