**Michael W Lucas¹** @mwl@io.mwl.io · Apr 01, 2024, 19:10

**Michael W Lucas¹** @mwl@io.mwl.io · Apr 01, 2024, 19:10

Michael W Lucas¹ @mwl@io.mwl.io

Apr 01, 2024, 19:10

Michael W Lucas¹ @mwl@io.mwl.io

First problem with bloom.host: IPv6.

network 2602:fb89:1:5f::/64
gateway 2602:fb89:1::1

Uh... am I being daft, or is this just not right? #sysadmin

**peter hessler @openbsd** @phessler@bsd.network · Apr 01, 2024, 19:30

**peter hessler @openbsd** @phessler@bsd.network · Apr 01, 2024, 19:30

Apr 01, 2024, 19:30

peter hessler @openbsd @phessler@bsd.network

@mwl this is a newfangled thing that some providers do, to save on NDP table entries.

I've never run into this silliness in the wild before, and can't remember how to handle it.

**Darren VanBuren 🏳️‍🌈** @onekopaka@theoks.net · Apr 01, 2024, 19:40

**Darren VanBuren 🏳️‍🌈** @onekopaka@theoks.net · Apr 01, 2024, 19:40

Apr 01, 2024, 19:40

Darren VanBuren 🏳️‍🌈 @onekopaka@theoks.net

@phessler @mwl to me, it seems that this approach just makes more of a nightmare out of NDP tables... because you get an entry for every address they're using in the subnet you give them rather than a single /128 on the link, then routing the entire subnet you want to give them to that /128.

**David Cross** @david@mastodon.crossfamilyweb.com · 2024-04-02T04:33:38Z

David Cross @david@mastodon.crossfamilyweb.com

@onekopaka @phessler @mwl Yes, I was going to comment on this. Every time I come up with a reason this makes sense... I realize it is pointless. The only thing I can think is that they've totally overlayed a bunch of logical IPv6 subnets on a larger physical network, but without isolation this is a security nightmare.. but it then begs the question, what would do the isolation like this?

Also, I cannot help but think this is a direct consequence of how BADLY designed IPv6 is.

Apr 02, 2024, 04:33 · · Web · · ·

Resources

Developers

What is Mastodon?

mastodon.crossfamilyweb.com

More…