Comment by touisteur
1 day ago
There are ways to build blocklists for IPv6. I saw (used) once bloom filters for this. Inspired by some papers from the 2000s, this one in 2009 https://www.nokia.com/bell-labs/publications-and-media/publi...
1 day ago
There are ways to build blocklists for IPv6. I saw (used) once bloom filters for this. Inspired by some papers from the 2000s, this one in 2009 https://www.nokia.com/bell-labs/publications-and-media/publi...
The point isn't the technical inability to block particular IPv6 addresses efficiently, but anticipating abuse potential by IP. You can change IPv6 addresses freely compared to IPv4. With IPv4 it's easy to determine, if you are dealing with a residential IP or VPN. No heuristics or analysis needed. IPv4 addresses are blocked preemptively, that's not really a thing for IPv6. Eg. VPN providers wouldn't have static endpoint addresses with IPv6. So you may be able to limit spontaneous abuse such as DDoS attacks, but it's a lot harder to filter technically legitimate traffic, which is merely unwanted for your data aggregation.
Is there anything against just blocking at the /48 level?
No, but subnets can't be as easily associated with unwanted traffic. If IPv6 gets blocked you just get another IP. A VPN or hosting provider can't simply rent, or god forbid buy IPv4 addresses and subnets, arbitrarily. The IPs they use are rather static and easy to discover. Rather trivial to block all them, preemptively. Residential IPv4 VPNs are not legal offerings and their use is limited. VPNs can fight traffic analysis, they can't fight preemptive IPv4 blocking.
See, it doesn't matter if it's somehow possible to control IPv6 traffic, factually, it is sooo much easier to control and observe IPv4. IPv6 adoption isn't going great at all and now there are new strong business incentives against it.
The direction we're moving right now isn't free intergalactic mesh networking, but holistic control and centralization by the tech oligarchy. IPv6 is good things... we can't have those.
2 replies →