[AusNOG] Default IPv6 Local Only Addressing for Non-Internet Devices
Mark Smith
markzzzsmith at gmail.com
Tue Oct 15 17:44:49 EST 2019
On Tue, 15 Oct 2019, 17:37 Dave Browning, <dave at dlbnetworks.com> wrote:
> My “workaround” for this is to drop all IPv6 ingress on my router for any
> devices MAC I don’t want getting an IPv6 address. That way it can’t get an
> address from the likes of IPv6 stateless address auto configuration.
>
> Haven’t tested enough to know what other implications this may cause.
>
Well you're stopping your devices from getting any IPv6 address at all.
I bought my printer specifically because it does IPv6, as all my devices do
other than my 2011 TV and 2014 PVR.
I'd just prefer that it didn't have a global IPv6 address when it doesn't
need one. (It would need one if I was using e.g. Google Cloud print).
> On 15 Oct 2019, at 4:25 pm, Mark Smith <markzzzsmith at gmail.com> wrote:
>
>
>
>
> On Tue, 15 Oct 2019, 17:13 Tomas Gibbs, <tomas.gibbs31 at gmail.com> wrote:
>
>> IIRC should be just fine to give it a public address aslong as you have
>> firewalls in front to block traffic from outside to in.
>>
>
> Why give a device a public address if it doesn't need it to do its job?
>
> You don't need a network firewall to protect a device from the Internet
> that can't ever be reached from the Internet.
>
>
>
>
>> Get Outlook for Android <https://aka.ms/ghei36>
>>
>> ------------------------------
>> *From:* AusNOG <ausnog-bounces at lists.ausnog.net> on behalf of Mark Smith
>> <markzzzsmith at gmail.com>
>> *Sent:* Tuesday, October 15, 2019 2:33:34 PM
>> *To:* <ausnog at lists.ausnog.net> <ausnog at lists.ausnog.net>
>> *Subject:* [AusNOG] Default IPv6 Local Only Addressing for Non-Internet
>> Devices
>>
>> Hi,
>>
>> Quite closely related to my recent AusNOG "Getting IPv6 Private
>> Addressing Right" presentation.
>>
>> I recently bought an IPv6 enabled Wifi printer. As it is attached to
>> my single Wifi SSID it is configuring itself with IPv6 global
>> addresses, even though I don't need it to be reachable from the
>> Internet or able to reach the Internet. (It would be relatively hard
>> to find from the Internet anyway with /64 prefix, and there is an IPv6
>> firewall in front if it).
>>
>> I think it would be better for these types of "Non-Internet' devices
>> not to configure themselves with global IPv6 addresses by default.
>>
>> "Default IPv6 Local Only Addressing for Non-Internet Devices"
>> https://datatracker.ietf.org/doc/draft-smith-v6ops-local-only-addressing/
>>
>> Regards,
>> Mark.
>> _______________________________________________
>> AusNOG mailing list
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20191015/b2534c92/attachment.html>
More information about the AusNOG
mailing list