[AusNOG] Default IPv6 Local Only Addressing for Non-Internet Devices

Dave Browning dave at dlbnetworks.com
Tue Oct 15 17:37:15 EST 2019


My “workaround” for this is to drop all IPv6 ingress on my router for any devices MAC I don’t want getting an IPv6 address. That way it can’t get an address from the likes of IPv6 stateless address auto configuration.

Haven’t tested enough to know what other implications this may cause.

> On 15 Oct 2019, at 4:25 pm, Mark Smith <markzzzsmith at gmail.com> wrote:
> 
> 
> 
> 
>> On Tue, 15 Oct 2019, 17:13 Tomas Gibbs, <tomas.gibbs31 at gmail.com> wrote:
>> IIRC should be just fine to give it a public address aslong as you have firewalls in front to block traffic from outside to in. 
> 
> 
> Why give a device a public address if it doesn't need it to do its job?
> 
> You don't need a network firewall to protect a device from the Internet that can't ever be reached from the Internet.
> 
> 
> 
>> 
>> Get Outlook for Android
>> 
>> From: AusNOG <ausnog-bounces at lists.ausnog.net> on behalf of Mark Smith <markzzzsmith at gmail.com>
>> Sent: Tuesday, October 15, 2019 2:33:34 PM
>> To: <ausnog at lists.ausnog.net> <ausnog at lists.ausnog.net>
>> Subject: [AusNOG] Default IPv6 Local Only Addressing for Non-Internet Devices
>>  
>> Hi,
>> 
>> Quite closely related to my recent AusNOG "Getting IPv6 Private
>> Addressing Right" presentation.
>> 
>> I recently bought an IPv6 enabled Wifi printer. As it is attached to
>> my single Wifi SSID it is configuring itself with IPv6 global
>> addresses, even though I don't need it to be reachable from the
>> Internet or able to reach the Internet. (It would be relatively hard
>> to find from the Internet anyway with /64 prefix, and there is an IPv6
>> firewall in front if it).
>> 
>> I think it would be better for these types of "Non-Internet' devices
>> not to configure themselves with global IPv6 addresses by default.
>> 
>> "Default IPv6 Local Only Addressing for Non-Internet Devices"
>> https://datatracker.ietf.org/doc/draft-smith-v6ops-local-only-addressing/
>> 
>> Regards,
>> Mark.
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20191015/101c2254/attachment.html>


More information about the AusNOG mailing list