Hints for use with IPv6 added #1318
Conversation
DS-lite is very common in the region where I live. Dyndns-services for IPv6 already exist, some of them are for free. IPv6 access is at moment limited to 25% of worlds internet user, but in some countries like us, be, de, fr, in, gr it an alternative already for more than 40% of the users.
typo
|
@JamesH65 Any idea how widespread IPv6 networks are? Do you think they're common enough to warrant inclusion in the RPi documentation? |
|
There statistics by google, akamai, facebook and apnic. At least in Germany they are very common. Also in Germany DS-lite by Vodafone Cable (no public IPv4 addresses anymore !) is very common. |
|
I like the idea, but reading it I'm still not sure what is actually happening. Can you add some stuff, won't need much, to explain specifically what this is doing? |
|
I added a description. |
|
I am not seeing an new commit on the PR? Did you push it? |
|
I did not change the pull request itself. I think it should not be bigger. |
|
AH, I see. I think some or all of that description does need to be in the PR text, or people will not actually know what they are doing and why, which will make for problems with support later. The more information provided the better. |
I added an short introduction. Some things are mentioned twice now. Unfortunately my English is not very well. I would be happy, if a native speaker checks it.
|
@thomasschaeferm Starting to look much better now, thanks 👍 |
nat --> NAT, explained, because that is an important change
prefix, network and assignment
|
Everyone happy with this? Reads OK to me. |
|
I wonder if @mythic-beasties might want to have a quick look at this, since IIRC he's very familiar with IPv6 ? |
|
I suspect this is going to be pretty hard to make generic as life is now a lot more complicated. You've got a variety of network types, Traditional v4 + NAT (most fixed line) Traditional v4 with CGNAT (lots of mobile, some fixed line) Traditional v4 + NAT + v6 (some fixed line) Traditional v4 with CGNAT + v6 (lots of mobile, newer ISPs) v6 only with NAT64 There's a whole bunch of implementation details about how modern networks are being rolled out, depending on if they've gone all in for IPv4 only and CGNAT (e.g. Vodafone's new 1Gbps fibre setup), or a pure v6 network with the IPv4 being provided as a compatibility layer on the top (Sky Italia). The trend is clear though, v4 inbound is only likely to work on an expensive business only line, v6 inbound is increasingly likely to work on comon connections, if you're allowed to enable inbound connections. However, I think general documentation from Pi Towers can only be starting point due to the variability of what's offered. |
|
Thank you for the long comment. Despite the variety of network types we should provide a path where the user can start from. |
|
Thanks Pete ❤️ |
|
Whereabouts are we with this? |
|
Sorry about the delay. This PR seems OK to me, it gives more information than before, and is a starting point. I wonder if Mythic-beasties comments should make it in to the docs somehow as well. |
|
In light of #1911 is this PR still relevant? If there is supporting third-party documentation outside of this repo, and there hasn't been much recent progress I'd be inclined to close it? This feels very much non-Raspberry Pi specific material and therefore outside the scope of the more lightweight documentation set? |
|
I think it is still relevant, except you cancel the whole topic about "Access your Raspberry Pi over the internet". |
aallan
added
ready to merge
There are big differences in handling ipv4 and ipv6 for remote access in residential environments(dsl,cable,fibre, maybe mobile too).
In ipv4 it was very common to use address and port forwarding. The router was the only device with a public address. So the router got a packet and translates it (address and port) to a private ip on the lan. Also the router was (mostly) responsible for getting a (nice) dns name.
With ipv6 something has changed. Depending on your isp (ds-lite(carrier grade nat) vs. dualstack) you don't get a public ipv4 address anymore.
Instead of one public ipv4 address you get a whole net with ipv6 addresses.
Your computers get one or more addresses from that net. They all are public, but usually protected by the routers firewall against unwanted incoming packets.
To use these addresses for remote access we need to do at least two things:
open the routers firewall or a particularly service/port for the device on the lan (no nat anymore)
create one dns name for that device (not for the routers ip address anymore)
opening/configuring the firewall has to be done on the router
dns updates can be managed by the device itself or by the router.
Since privacy extensions (randomizing ip addresses) are in conflict with server use, I recommend to disable privacy extensions for that use case
My examples:
web server: http://tschaefer.dynv6.net
remote desktop: xfreerdp +glyph-cache /v:raspberrypi4.zts9jt8obs8kionr.myfritz.net
ssh: both