Today in our newest take on “older technology is better”: why NAT rules!
You should only assign static ipv6 to servers, in theory you could just define a host id and use a prefix too. But, most people at home really aren’t running enough servers to make that worthwhile. Everything else should just pick up new addresses fine using ND.
There ought to be more servers.
Will the app for the smart thermostat be updated three years from now and still be useful? If it was instead a web server app on a routable IP, it wouldn’t matter provided they didn’t fuck up the authentication and access control.
Yeah, but they’re not. That’s the modern world. But also even if it was a web server there’s usually ways to advertise the IP for the app to connect to. I’ve seen other stuff do that. So getting an IP is easy. Once the app knows the IP and if you really want to allow connections from outside to your IOT devices (I wouldn’t) it could remember the IP and allow that.
You really don’t need to give a fixed IP to everything. I think I’ve given 1 or 2 things fixed IPv6 IPs. Everything else is fine with what it assigns itself.
You can use ULAs (unique local addresses) or that purpose. Your devices can have a ULA IPv6 address that’s constant, and a public IPv6 that changes. Both can be assigned using SLAAC (no manual config required).
I do this because the /56 IPv6 range provided by my ISP is dynamic, and periodically changes.
Yes but you’d still be performing NAT. It’s at least 1:1.
You’ll need to deal with firewall rules regardless, and drop IPs into policies. IPv6 doesn’t remove any of those chores but gets rid of having to maintain tables to deal with many-to-one NAT.
You wouldn’t need NAT. The ULA is used on the internal network, and the public IP is for internet access. Neither of those need NAT.
