except for nor using it at all, of course.
So I want to make my homelab IPv6 ready, because I have too much free time, i guess. There are two decisions that I’m currently unsure about:
- ULA or not. Do you have local only addresses or do your clients communicate using the global IPv6 address? Does not using ULAs work without a static IP from the ISP?
- DHCPv6 or is SLAAC enough?
For each question both options seem to be possible and I’m interested in your experience
Cheers
But why bother if you get ULAs. It doesn’t enhance anything and adds complexity if you use NAT or other routing as you need to add rules for both IPv4 and IPv6. Most ISPs, in the US anyway, don’t offer true IPv6 only what was supposed to be transitional technology decades ago like 6rd. I hate to say anything good about Comcast, but it’s the single thing I miss from that they actually do. But having such limited upstream speeds on cable just isn’t reasonable for much of anything these days, but definitely not when self-hosting. 1-10Mbps up on Cable or most DSL just doesn’t cut it.
If you’re starting from scratch implementing IPv6 on your LAN might be worthwhile if you dont mind the limitations of or don’t require the transitional technologies on your LAN like NAT64 and the hit to performance from the translations/tunneling when accessing the internet doesn’t bother you (it sure annoyed the hell out of me every time I accessed a website, among other things).
But dual stack, seems like it’s not worthwhile. Just choose one or the other. Few software applications or modern hardware are going to have an issue with IPv6. But if you’re using both ULAs and IPv4 private addresses, it seems like a lot of extra hassle to write duplicate routing rules for everything.
Like I said: unless your ISP sucks. I don’t see the issue with dual stack and I don’t know why you’re bringing other transition mechanisms into this. Obviously they kinda suck. Dual stack really doesn’t have much of a downside or a performance hit unless your clients or DNS are doing something stupid. In which case you can still choose to configure a client to use one over the other. Many ISPs, especially outside the US, don’t have enough IPv4 address space and have to use CGNAT, in which case you’re much better off with a dual stack setup and a DNS config that prefers AAAA records, imho. IPv4 only leaves you with NAT, which sucks and IPv6 only isn’t feasible currently.
Right, but my point is, most US ISP are shitty and don’t offer IPv6 blocks. If you are in the lucky minority who’s ISP does provide proper support for IPv6, then why bother dealing with IPv4 at all, ignore it. Almost nothing needs it anymore besides the majority of ISPs in the US which all suck.
There are some cases where locally defined addresses (private IPv4 or IPv6 ULAs) and NAT are useful for controlling what people and devices on your LAN can access, but usually not in a residential or home lab situation. So why bother. Either if your ISP offers proper IPv6, just use that, or if they don’t, just use IPv4 and ignore the transitional IPv6 addresses. With both you end up writing every NAT and firewall rule twice, I don’t see the point unless you have an old device that can’t handle IPv6.
As for performance hits, I was referring to the fact that most ISPs dont offer proper blocks of IPv6 and the transitional technologies they do offer like 6rd or 6to4 do have performance hits, sometimes extremely significant ones. So if you implement dual stack and your DNS query returns AAAA record and your systems prefer it, they will always take a hit. This is from lots of experience. I always disable IPv6 because my ISP uses 6rd and it is the only one in the major city I live in that offers >10Mbps upstream, so it’s not feasible to switch. When I was on Comcast and got an IPv6 block, I disabled IPv4. Dual stack would be too much work.