I’ve recently bought some studio monitors to replace a hifi I was using and they didn’t come with grilles. Seems to be a difference between studio kit and the hifi world.

Not being predictable by us does not mean they offer free will.

The preconditions are so precise that you’ll never be able to get exactly the same results from trying to do the same thing twice - you’ll never be able to do the same thing twice. But that doesn’t stop cause and effect determining the outcome. There is no place where free will can enter in to any equation at any micro or macroscopic level and just having unpredictable microscopic events doesn’t give you control of your own destiny. This is totally separate from your own perceptions of having choices you make. Personally I find myself doing things I didn’t consciously choose to do. Once you start noticing them you might find more and more.

I posted this elsewhere a few days ago. I don’t think IPv6 can do what I require of a basic home network, let alone a large enterprise…

I gave it a really good shot at implementing this past week. I spent 3 days getting up to speed, reading loads and trying various different things. But I am now back to IPv4 only because I just can’t get IPv6 to do what I want and no amount of searching has made me think what I want to do is even possible.

Some background about the IPv4 network I run at home: I run opnsense on a Proxmox server. I have a few services publicly available using port forwarding. I run several VLANs for IoT, VoIP, Cameras etc. I use a bunch of firewall rules that are specific client devices on the network. So for example I have a rule that blocks youtube from the kids tablets and the TV. I have a special rule around DNS for the wife as she doesn’t want to use the pihole blocking features. These rules are made possible because the DHCP server is set to give them a fixed IP and I can create a firewall alias and rule based on that.

None of these things on my existing network are particularly difficult to configure, they run really well.

What I want from IPv6 is:

1. All devices to use IPv6 including android devices.
2. To have the same firewall rules configured and not have them be easily bypassed.
3. To use privacy addresses as I don’t want to make every device uniquely trackable over the internet.
4. To be able to cope with changes to the ISP provided /48 prefix seamlessly.
5. Have internal DNS make accessing intranet devices easy.
6. To ensure the privacy of individual devices on my network by avoiding individual device tracking.

What I’ve tried:

1. Using DHCPv6, but this excludes android devices. So that’s out.
2. Using a NAT (to avoid tracking of individual devices) and fd00/8 addresses, but this is pointless as those addresses are lower priority than IPv4 (FFS!)
3. SLACC just seems a non-starter.

Additional: I don’t think I have a problem with “thinking about it all wrong for IPv6”. I may have a skill issue, hence this question.

As far as I can tell to achieve requirement 1) you must use SLAAC. SLAAC without privacy extensions doesn’t allow for 6).

Changes to external ISP prefix assignment impacts MY INTERNAL NETWORK (this just seems insane). And as far as I can tell there’s no easy way around this, especially if I have static addresses configured for servers which would (if using SLAAC) have to be manually configured.

I can’t see how DNS would be updated either, either Unbound running on Opnsense, or to the pihole. If I go for SLAAC with privacy extensions and I keep paying for a static IP (v4 & v6) to my ISP then I can’t implement any firewall rules for specific devices as devices will change their IP regularly. And its even worse if I don’t pay for a static IPv6 prefix.

I don’t think anything I’m trying to do is particularly strange or unusual but 26 years after its introduction I don’t see that IPv6 can meet these requirements. And one of the leading firewall routers, especially in the homelab doesn’t have answers to these questions either.

Can you suggest a way to meet all 6 requirements I have with IPv6?

No idea about socials, but some will do a DBS check

Eastern Ukraine isn’t an ideal tourist spot at the moment.

I don’t understand it either. On one hand people say don’t remember addresses, use DNS and on the other DNS relies on static addresses but then every device is “supposed” to have random addresses via SLAAC or privacy addresses. It just doesn’t seem to tie together very well, but if you use them like IPv4 addresses you’re apparently doing it wrong.

A what are they putting in the BWT water that’s corroding their brains?

You have very different kids to me.

What about it is fiddly?

The insane addresses. The reliance on DNS, the unpredictability of addresses, that each device can have so many addresses and you need to know what each does and is used for and how that impacts inter-network routing and firewall rules. Privacy IPs, what the hell? Its a solution to something that’s fixed by tried and understood IPv4 NAT.

If you just want a flat simple network where everything on your lan is equal, everything has a globally unique and trackable IP I’m sure it’s fine. But if you have something more sophisticated it becomes much more complicated. And I genuinely can’t see how IPv6 advocates can’t see the problems it introduces.

What we need is a larger address space and fast adoption, that’s it. If after 30 years of awful adoption rates and only when people have a gun to their head they begrudgingly might adopt it, then you have a bad protocol.

But at that point there’s no difference other than it’s less familiar and more fiddly with v6. Why even bother.

Here’s my story of trying to use IPV6 for the past 3 days, and I know I’m not a typical user.

I use Opnsense as a router firewall. Using IPv4, 5/6 VLANs, almost all devices statically addressed with alias’s configured for each. This lets me have firewall rules like “block youtube on the kids devices”, or “use a different DNS server for the wife”, only allow the fire stick to access the internet after 7am. That sort of thing.

First problem is working out how to even get IPv6 on the WAN and what it even means that my ISP has given me a /48 and a /64. Loads of reading and some cobbling together later I have it. But no clients are getting addresses. Eventually fix that and now they have an address. But I don’t want to use SLAAC as that’s a nightmware to keep track of, DHCPv6 doesn’t work for android devices so they’ll be on IPv4 anyway. I don’t want each client to have a globally unique address as that just allows insane tracking. I don’t know if my IPv6 address will ever change, but it seems likley it will and that would be a nightmare to fix. I manage to get private fd00/8 addresses allocated to clients, but I don’t know how to configure IPv6 NAT so devices have an IPv6 IP, but can’t access through the WAN using it. And by that point I just don’t see the point any more. I’d just be duplicating all my rules that would be far too time consuming, confusing and I don’t see the point.

I want local private IP addresses. I don’t want clients to have unique IPs. I want the addresses to be known and static. I want my firewall rules to be tied to specific addresses for 90%+ of devices.

RAID IS NOT BACKUP RAID IS NOT BACKUP RAID IS NOT BACKUP

Don’t use Red drives for a NAS!! You need the Red Plus (or is it red pro) disks as they’re CMR.

I’d go for Ultrastar drives personally. There’s a few really good videos online analyzing the backblaze stats for different drives that are well worth watching.

EndeavourOS on my desktop and laptop. Works like a charm. By far the happiest I’ve been with a desktop distro.

On my server VMs I’m running Ubuntu Pro because it’s absolutely impeccably stable, Pro is free and I like the idea of having the option of not upgrading them for 10 years.

All running on Proxmox. I have a few appliance type VMs like opnsense and 3CX and they’re nice and stable too.

Everywhere? Where will we put all the existing things? You can’t turn the whole world in to just toilets, that’s taking the piss!

Or save yourself a character and just yay

I was once not spotted whilst wearing a bright fluorescent orange cycling rain jacket and standing 6’5" tall in an office of suits.

Wednesday Addams from the Netflix show

I received so much spam and abuse of my network from .xyz domains that they are fully blocked in every conceivable way from being accessed or accessing my network.

I’m with you. The infantilism of films is so depressing