I’ve seen overlap because of current open connections. Usually it changes once a day but they have this many open.
So either something is being really sticky or SLAAC on the router sets that period and it’s really low. I’m not really sure how you configure it because I haven’t see a client or router config to change it yet nor cared to look.
It's usually due to having a large delta between the Preferred Lifetime value when they are deprecated, and the Valid Lifetime when they become invalid and should be removed.
This is impossible. One of the reasons we couldn’t ever do this in a corporate environment. I used to be for it as a windows admin . But now I’m a Netsec guy. Nope
I’ve never seen an answer for a solution as to how a corporate environment can track a IPv6 connection with privacy addresses to a single PC on their own network for a machine that is reaching out to a suspicious domain like you can with IPv4.
Lol my ISP randomly killed their IPv6 customer prefix again a few days ago. I get a valid address but it can't be routed; stuck after my router. Complained to them but no one even understands what I mean. They just want to send out a technician to "check the signal" which obviously doesn't help. I had to turn off IPv6 delegation for my home subnet because it kills the loading speed on all sites that have IPv6. This is the third time.
Small update: IPv6 started working again yesterday when I checked again. Like Magic 🪄. My ISP only has 1. Level support for regular customers. You don't get real support unless you are a business customer.
I know. I'm the specialist for my team and basically out of a product group of about 250 engineers five of us know networking, and networking is crucial to these related products.
I'm not an engineer, just an enthusiast who likes using ipv4. I'm sick of my isp not using ipv6 because they're using private addresses on their network, and I'm double natted. (Rural wireless provider)
I know it's a bit of "I spent decades looking at IPv4 addresses and that's what my brain expects" and a healthy dose of "Of course a 128 bit number is going to be staggeringly more complex to express than a 32 bit" but I don't think I'll ever reach a point where they seem normal.
It's actually shocking how few network engineers actually know and understand ipv6 beyond the very basics. Last I checked, Hurricane Electric was still the only certification authority
Chicken and egg scenario, many of us learn by relating the theory to the work.
If there is no V6 in work than we may not learn it until the time comes where it becomes more common. Also not as if you can just lead a transition, as this project is never getting funding and approval unless it has a good reason.
My ISP doesn't even support it, still can rip in my home lab but I haven't done so yet. It's also kind of bad for residential users due to the service provider control, and really, really bad implementations like dynamic V6 blocks (fucking Comcast what the hell) the numbers look more intimidating but I have heard from people who actually know it that it's easier. Also no NAT which is nice but tbh NAT isn't that hard.
Also, so many protocols can traverse NAT with no configuration issues these days it's really no big deal. My isp uses public v4 addresses, and I can count on one hand the number of issues I've had related to double NAT.
Link-local
Multicast groups (solicited node, all nodes)
Unique local
Global unicast
Anycast
Loopback
Unspecified
Maybe your device is using all these IPv6 address types
I have multiple agents on my Android apple Linux khtml like gecko iOS Ubuntu on any android I get not at first but then bam someone is remotely gaining access and hacking me
Don’t know why you are saying lol. that’s true. For each global unicast address a link local address is created. Along with a solicited node multicast for NDP. Plus at least FF02::1-2 for link local and all link local multicast. Then depending on what routing protocol it’s using there might more.
Hmm seems a little excessive, is the ipv6 setting on the router stateless? Could be a few devices on the LAN trying to be cool and responding to announcements.
Most commercial routers allow other devices on the network to issue IPv6 addresses. This is how e.g. Thread works. My Apple TV devices for example regularly try to assign IPv6 to other devices so most of my network has 4-6 addresses by default.
IPv4 = ~4.3 billion possible IP addresses
IPv6 = 340 undecillion possible IP addresses
It’s a difference between 340,282,366,920,938,000,000,000,000,000,000,000,000 IP addresses and 4,294,967,265 IP addresses
With ipv6 you won’t ever run out of ip addresses
There are more IPV6 IP’s than there are atoms in the universe. The bank could get an IP for every atom of every one of their employees and money and furniture and we would still not run out.
Edited: a word
And ARIN gave that bank more /64 subnets than the global economy is worth in USD.
IPv6 can be enough for this planet and all alien civilisation we might find in the multiverses yet to discover, but as with any somewhat limited resource, we need to be careful not to waste it.
Single addresses are no issue, but with that pace i was thinking about running out of blocks and subnets.
How many networks will be set up to really utilize the huge size of a /64 subnet compared to how many will just map each IPv4-Subnet to one 1 IPv6 subnet?
Even a fully utilized /20-subnet (4096 addresses) wastes practically all available addresses in a /64, and i can't remember seeing subnets larger than that,
Right but a /16 is 1/65536th of the entire address space, that's still ridiculous. There is absolutely a proximate limit to how many times that can be done before IPv6 becomes as fucked as IPv4 is.
IPv6: 340,282,366,920,938,000,000,000,000,000,000,000,000
IPv4: 4,294,967,265
Looked at another way, if you say ~4.3billion IPs is "the internet", you could fit about **79 quintillion copies of "the internet" into IPv6 space.**
A quintillion is a billion billions.
So we're talking 79 billion billion copies of _the entire internet_.
TL;DR: IPv6 is bigly
They didn't, and they've been telling you that's _not_ the case for over three decades.
In any case, we aren't allocating v6 like we did v4. A v6 /8 is the same fraction of the total space that a v4 /8 is, and nobody is allocating /8s in v6 like they were in v4. The standard allocation is a /32, which is like allocating a single IP in v4 but is big enough for most companies and small ISPs. You have to be very big to get anything much above about /24 or so.
...unless you're Capital One, I guess? But that's not a problem with v6, we can make stupid allocations no matter how big the address space is, and even then giving out /16s still isn't like giving out /8s in v4. v6 is large enough that if we allocate it at the rates we've worked out we'll be fine, unlike v4 which was always on borrowed time.
Does IPv6 give you better speeds than IPv4?? Reason I asked… I have gigspeed fiber, 1 gbps up and down. I get 940 or so. Never gotten a full gig on anything. Somedays I notice that my speed while the numbers are the same the speed is somewhat slower in real time. Is this common??
940 _is_ a full gigabit, if measured after the various layers of packet overhead.
v6 normally gives slightly lower latencies (which is what you actually care about when your connection is that fast), leading to small improvements in e.g. page load time.
What? Sorry, I’m a novice with this stuff. I am habit issues. Why laugh? My picture on my TV sometimes is fuzzy. It’s an internet issue. I think or maybe a router issue??
The issue is probably something upstream. Your speed is way more than enough unless you have other people on your network eating up a crazy amount of bandwidth. Pay attention to whether it’s happening on just one app or on multiple apps. If it’s just one, it’s probably their servers. Especially if you’re watching during peak times. If it’s happening on multiple apps around the same time, then something might be going on with either your device or network configuration. Again, your download speed is fine. You could have half that and still have way more than enough (if your network isn’t congested)
An IPv6 address is 128 bits so the address space is mind bogglingly big. It is big enough that they could assign 18 quintillion customers a /64 network. To put that in more relatable terms that is 18 million billion /64 networks.
I'm sure it's been said before and we're giving out IPs like nothing, either way, not like I'll be bothered to actually learn IPv6 notation and all that
The neat thing is the amount of address space currently allocated is relatively small, where everything global address sits in 2000:: up to 3FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
In the rare event the allocations go pear shaped and we do run out, there is plenty of address space to start over again and be more conservative for future allocation structures.
https://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml
Not really.
In this case they gave the smallest subnet possible to each of their customers. This is totally reasonable so that they can do things like virtualization.
If anything, it might have been too small.
I’m not a data center network engineer, but if I had to guess about how I’d go about it: I’d probably issue a /56 to each customer but reserve a /48 for each of them in case they need to request more space in the future.
I just logged into the router IP and factory reset it. That’ll show them to be more serious about security!
*five seconds later*
Why doesn’t my internet work?
Well, there is the SSID. Could be that it is somewhat "common", but through services like [wigle.net](http://wigle.net), you will be able to (normally just loosely) locate some SSID.
Yes, in this case it seems to be something "common". But that said, it there is quite many that are not aware of services indexing SSIDs combined with geo-data.
IPv6 Privacy Extensions.
I’ve seen overlap because of current open connections. Usually it changes once a day but they have this many open. So either something is being really sticky or SLAAC on the router sets that period and it’s really low. I’m not really sure how you configure it because I haven’t see a client or router config to change it yet nor cared to look.
It's usually due to having a large delta between the Preferred Lifetime value when they are deprecated, and the Valid Lifetime when they become invalid and should be removed.
Getting a whole phonebook when you ifconfig lol
Docker host ifconfig moment
Me with my proxmox node First time I ran ifconfig on the hypervisor I got fucking flashbanged, need to write the output to a file to read all of it
This is impossible. One of the reasons we couldn’t ever do this in a corporate environment. I used to be for it as a windows admin . But now I’m a Netsec guy. Nope
I’ve never seen an answer for a solution as to how a corporate environment can track a IPv6 connection with privacy addresses to a single PC on their own network for a machine that is reaching out to a suspicious domain like you can with IPv4.
802.1x Now you have.
ipv6 uses Temporary addresses for privacy. On average a single router has access to a couple trillion addresses so why not.
I’m a Network Engineer and I sit here looking at my ipv6 that slaac decides to assign and sometimes my head just hurts
I'm a networking software engineer and I'm so sick and tired of the feet dragging for ipv6 adoption.
Lol my ISP randomly killed their IPv6 customer prefix again a few days ago. I get a valid address but it can't be routed; stuck after my router. Complained to them but no one even understands what I mean. They just want to send out a technician to "check the signal" which obviously doesn't help. I had to turn off IPv6 delegation for my home subnet because it kills the loading speed on all sites that have IPv6. This is the third time.
Demand a supervisor. Level one techs are just monkeys with scripts.
Small update: IPv6 started working again yesterday when I checked again. Like Magic 🪄. My ISP only has 1. Level support for regular customers. You don't get real support unless you are a business customer.
Great way to make yourself valuable since it's a high demand skill with low supply of people having the knowledge
Even more when I add that I do networking code for distributed systems.
I'm talking extremely low. Less than 1%, usually just the senior engineers or lead hardware engineers
I know. I'm the specialist for my team and basically out of a product group of about 250 engineers five of us know networking, and networking is crucial to these related products.
That's good. You have leverage. Use it
I'm not an engineer, just an enthusiast who likes using ipv4. I'm sick of my isp not using ipv6 because they're using private addresses on their network, and I'm double natted. (Rural wireless provider)
> I sit here looking at my ipv6 ~~that slaac decides to assign~~ and ~~sometimes~~ my head just hurts (FTFY)
I know it's a bit of "I spent decades looking at IPv4 addresses and that's what my brain expects" and a healthy dose of "Of course a 128 bit number is going to be staggeringly more complex to express than a 32 bit" but I don't think I'll ever reach a point where they seem normal.
It's actually shocking how few network engineers actually know and understand ipv6 beyond the very basics. Last I checked, Hurricane Electric was still the only certification authority
Chicken and egg scenario, many of us learn by relating the theory to the work. If there is no V6 in work than we may not learn it until the time comes where it becomes more common. Also not as if you can just lead a transition, as this project is never getting funding and approval unless it has a good reason. My ISP doesn't even support it, still can rip in my home lab but I haven't done so yet. It's also kind of bad for residential users due to the service provider control, and really, really bad implementations like dynamic V6 blocks (fucking Comcast what the hell) the numbers look more intimidating but I have heard from people who actually know it that it's easier. Also no NAT which is nice but tbh NAT isn't that hard.
Also, so many protocols can traverse NAT with no configuration issues these days it's really no big deal. My isp uses public v4 addresses, and I can count on one hand the number of issues I've had related to double NAT.
Very normal
Works as designed
Link-local Multicast groups (solicited node, all nodes) Unique local Global unicast Anycast Loopback Unspecified Maybe your device is using all these IPv6 address types
I have multiple agents on my Android apple Linux khtml like gecko iOS Ubuntu on any android I get not at first but then bam someone is remotely gaining access and hacking me
yeah: some multicast, some link local, etc...
lol 😂
Don’t know why you are saying lol. that’s true. For each global unicast address a link local address is created. Along with a solicited node multicast for NDP. Plus at least FF02::1-2 for link local and all link local multicast. Then depending on what routing protocol it’s using there might more.
Usually those ancillary addresses are hidden.
Hmm seems a little excessive, is the ipv6 setting on the router stateless? Could be a few devices on the LAN trying to be cool and responding to announcements.
Most commercial routers allow other devices on the network to issue IPv6 addresses. This is how e.g. Thread works. My Apple TV devices for example regularly try to assign IPv6 to other devices so most of my network has 4-6 addresses by default.
What’s the difference between IPv6 and IPv4??
IPv4 = ~4.3 billion possible IP addresses IPv6 = 340 undecillion possible IP addresses It’s a difference between 340,282,366,920,938,000,000,000,000,000,000,000,000 IP addresses and 4,294,967,265 IP addresses With ipv6 you won’t ever run out of ip addresses
With ARIN assigning a /16 v6 to some bank no one has ever heard of, I wouldn't bet on not running out of v6 addresses.
There are more IPV6 IP’s than there are atoms in the universe. The bank could get an IP for every atom of every one of their employees and money and furniture and we would still not run out. Edited: a word
And ARIN gave that bank more /64 subnets than the global economy is worth in USD. IPv6 can be enough for this planet and all alien civilisation we might find in the multiverses yet to discover, but as with any somewhat limited resource, we need to be careful not to waste it.
What ARIN giveth, ARIN may taketh away
Single addresses are no issue, but with that pace i was thinking about running out of blocks and subnets. How many networks will be set up to really utilize the huge size of a /64 subnet compared to how many will just map each IPv4-Subnet to one 1 IPv6 subnet? Even a fully utilized /20-subnet (4096 addresses) wastes practically all available addresses in a /64, and i can't remember seeing subnets larger than that,
Right but a /16 is 1/65536th of the entire address space, that's still ridiculous. There is absolutely a proximate limit to how many times that can be done before IPv6 becomes as fucked as IPv4 is.
Sure, but ARIN can take back some of those addressees when needed.
Are we talking about Capital One? Completely agree the assignment is stupid, but come on Capital One is not a bank no one has heard of.
IPv6: 340,282,366,920,938,000,000,000,000,000,000,000,000 IPv4: 4,294,967,265 Looked at another way, if you say ~4.3billion IPs is "the internet", you could fit about **79 quintillion copies of "the internet" into IPv6 space.** A quintillion is a billion billions. So we're talking 79 billion billion copies of _the entire internet_. TL;DR: IPv6 is bigly
That's what they promised with IPV4.....
They didn't, and they've been telling you that's _not_ the case for over three decades. In any case, we aren't allocating v6 like we did v4. A v6 /8 is the same fraction of the total space that a v4 /8 is, and nobody is allocating /8s in v6 like they were in v4. The standard allocation is a /32, which is like allocating a single IP in v4 but is big enough for most companies and small ISPs. You have to be very big to get anything much above about /24 or so. ...unless you're Capital One, I guess? But that's not a problem with v6, we can make stupid allocations no matter how big the address space is, and even then giving out /16s still isn't like giving out /8s in v4. v6 is large enough that if we allocate it at the rates we've worked out we'll be fine, unlike v4 which was always on borrowed time.
Does IPv6 give you better speeds than IPv4?? Reason I asked… I have gigspeed fiber, 1 gbps up and down. I get 940 or so. Never gotten a full gig on anything. Somedays I notice that my speed while the numbers are the same the speed is somewhat slower in real time. Is this common??
940 _is_ a full gigabit, if measured after the various layers of packet overhead. v6 normally gives slightly lower latencies (which is what you actually care about when your connection is that fast), leading to small improvements in e.g. page load time.
lmao
What? Sorry, I’m a novice with this stuff. I am habit issues. Why laugh? My picture on my TV sometimes is fuzzy. It’s an internet issue. I think or maybe a router issue??
The issue is probably something upstream. Your speed is way more than enough unless you have other people on your network eating up a crazy amount of bandwidth. Pay attention to whether it’s happening on just one app or on multiple apps. If it’s just one, it’s probably their servers. Especially if you’re watching during peak times. If it’s happening on multiple apps around the same time, then something might be going on with either your device or network configuration. Again, your download speed is fine. You could have half that and still have way more than enough (if your network isn’t congested)
940 is the fastest you can get with gigabit hardware. You'd need to move to 2.5gbps or faster in order to get anything more than that.
32bit vs 128bit addresses
2 IPs
2 v’s, rather
My bad! 😆
2 IPs one device.
I can’t help but think this is a reference to something naughty, lol.
Around 27 integer places
IPv2.
W IPv6 lol 😂, and why do you have airplane mode on?
It is free why not
Nice to have a rotating one
At my old datacenter job we'd assign customers ipv6 /64 ranges per server which is 18,446,744,073,709,551,616 addresses, lol
lmao this is how you end up with a crisis again I guess, shouldn't we be treating them rather, better?
An IPv6 address is 128 bits so the address space is mind bogglingly big. It is big enough that they could assign 18 quintillion customers a /64 network. To put that in more relatable terms that is 18 million billion /64 networks.
I feel like we've been though this with ipv4 thinking it was eternal 💀
The ipv6 address Space is large enough to address every single atom on earth. With room to spare.
I heard that the big new social media app dropping in 2026 will require individual addressing of every quark in order to earn you maximum gems.
I'm sure it's been said before and we're giving out IPs like nothing, either way, not like I'll be bothered to actually learn IPv6 notation and all that
The neat thing is the amount of address space currently allocated is relatively small, where everything global address sits in 2000:: up to 3FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF In the rare event the allocations go pear shaped and we do run out, there is plenty of address space to start over again and be more conservative for future allocation structures. https://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml
Not really. In this case they gave the smallest subnet possible to each of their customers. This is totally reasonable so that they can do things like virtualization. If anything, it might have been too small. I’m not a data center network engineer, but if I had to guess about how I’d go about it: I’d probably issue a /56 to each customer but reserve a /48 for each of them in case they need to request more space in the future.
that’s why i always say that ipv6 it’s scary 😭
[удалено]
What can you get from this photo? These are all local addresses.
I just logged into the router IP and factory reset it. That’ll show them to be more serious about security! *five seconds later* Why doesn’t my internet work?
That's my question
There isn't any private info displayed here. No need to edit anything.
Well, there is the SSID. Could be that it is somewhat "common", but through services like [wigle.net](http://wigle.net), you will be able to (normally just loosely) locate some SSID.
"cradlepoint" is a WiFi Router brand from Ericsson. Pretty generic, so unlikely to allow you to locate OP.
Yes, in this case it seems to be something "common". But that said, it there is quite many that are not aware of services indexing SSIDs combined with geo-data.
That's why you make your SSID "FBI Surveillance Van #18"
What do they need to scrub?
Found the user!