Private addresses don’t necessitate NAT. IPv6 also allows private addresses in the form of fd00::/8, like fd00:face:b00b:1::1.

.local is already used by mDNS

This is an EU4 / CK3 / HOI4 joke

I have a 64-bit computer, it can address up to 18.4 exabytes, but my computer only has 32GB, so I will never use the vast majority that address space. Am I “wasting” it?

You are using the addressing bits in the form of virtual memory. Right now. Unless you run a unikernel system, then in that case you could be right, but I doubt it.

Anyway, this is apples and oranges. IP addresses are hierarchical by design (so you have subnets of subnets of subnets of …), memory addresses are flat for the most part, minus some x86 shenanigans.

Yes they are all “used” but you don’t need them. We are not using 2^128 ip addresses in the world.

But we do need them! The last 64 bits of your IPv6 addresses are randomized for privacy purposes, it’s either that or your MAC address is used for them. We may not be using those addresses simultaneously but they certainly are used.

Despite that, there still are plenty of empty spaces in IPv6, that’s true. But they will still be used in the future should the opportunity arise. Any “wastage” is artificial, not a built-in deficiency of the protocol. Whereas if we restricted the space to 40 bits, there will be 24 bits wasted forever no matter how.

You’re not “wasting” them if you just don’t need the extra bits

We are talking about addresses, not counters. An inherently hierarchical one at that (i.e. it goes from top to bottom using up all bits). If you don’t use the bits you are actually wasting them.

you can gradually make the other bits available in the form of more octets

So why didn’t we make other bits available for IPv4 gradually? Yeah, same issue as that: Forwards compatibility. If you meant that this “IPv5” standard should specify compulsory 64-bit support from the very beginning, then why are you arbitrarily restricting the use of some bits in the first place?

If you’re worried about wasting registers it makes even less sense to switch from a 32-bit addressing space to a 128-bit one in one go

All the 128 bits are used in IPv6. ;)

Every time there’s a “just add an extra octet” argument, I feel some people are completely clueless about how hardware works.

Most hardware comes with 32-bit or 64-bit registers. (Recall that IPv6 came out just a year before the Nintendo 64.) By adding only an extra octet, thus having 40 bits for addressing, you are wasting 24 bits of a 64-bit register. Or wasting 24 bits of a 32-bit register pair. Either way, this is inefficient.

And there’s also the fact that the modern internet is actually reaching the upper limits of a hypothetical 64-bit IPv5: https://lemmy.world/comment/10727792. Do we want to spend yet another two decades just to transition to a newer protocol?

Tell that to your ISP which has fucked their IPv6 deployment up. In my experience IPv6 is actually faster since it bypasses the IPv4 CGNAT.

On busy days my IPv4 connection can get as slow as 15KB/s, now that’s trash.

And we are facing the effects of it as we’re speaking. CGNAT and protocols like TURN were not invented without a reason.

Our network architecture has the tendency to waste IP addresses. A subnet may have 10 devices but have 256 IPs (e.g. a /24 network like 192.168.0.0 to 192.168.0.255) - that’s 246 wasted addresses. This wastage is kinda unavoidable since we’d need to keep our routing tables from being too fragmented.

With that in mind it is entirely possible for 64-bit addressing space to not be enough, unless we revert to methods like NAT which come with their own disadvantages.

We have already used up about one /11 block of the IPv6 internet. That’s 128-11=117 bits. If we replace the standardized /64 subnets of IPv6 with old /24 subnets typical in IPv4 networks, you get 61 bits. That’s dangerously close to the upper limit of a hypothetical 64-bit IPv5 internet.

::1

If history is any indication then more lock-in will be the future trend. And they will sugarcoat it with reasons such as “this is more secure”.

I use arch btw.

Indeed. I would love to have a “modernized Morrowind” experience – an RPG game that really nails the role-playing part of RPG, but without the cheesy parts of Morrowind like the unintuitive combat system – but all of us know that it’s just not gonna happen.

Were I really strawmanning you? Is “I never even implied the opposite” really true? Quote:

So, really, you were “correcting” me for you and your specific setup

Yeah, my “specific setup”… which can be found in virtually all routers today.

Oh come on, are you seriously suggesting that default-deny stateful firewall is not the norm??

Holy. Fucking. Shit. Indeed.

You keep on suggesting to me that you really have no idea how networking works. (Which is par on course for people thinking NAT == security, but I digress)

Let me tell you: All. Modern. Routers. include a stateful firewall. If it supports NAT, it must support stateful firewalling. To Linux at least, NAT is just a special kind of firewall rule called masquerade. Disregarding routers, even your computer whether Linux (netfilter) or Windows (Windows Firewall) comes built-in with a stateful firewall.

It’s a stateful firewall. It simply drops unsolicited packets.

How is this “dropping packets” not applicable to firewalls, then? You are not just going to casually connect to my IPv6 device as we’re speaking. The default-deny firewall in my router does the heavy lifting… just like what NAT did.

Honestly, it just sounds like you need to brush up on networking knowledge. Repeat after me: NAT is not security.

Wait, why are we talking about Layer 7 when NAT and firewalls are Layer 4 at best?

Consumer router firewalls are generally trash

[Citation needed]

They are literally piggybacking on the netfilter module of Linux. I don’t see how that’s trash

Wow, Europe, you guys sure are worrying us a little.

– Best regards, South East Asia