I mean on a technical level. Are the devices that make up the infrastructure of the internet hardwired with IPv4? Is the firmware on these devices impossible to upgrade remotely?

If it’s just a matter of software or firmware then adoption should only take like a year but clearly that isn’t the case. So what specifically is stopping us?

  • Coelacanthus@infosec.pub
    19 days ago

    I don’t want each client to have a globally unique address as that just allows insane tracking.

    Just for this issue, SLAAC has a privacy extension to generate temporary random IPv6 addresses for outgoing traffic. It’s untrackable as well, but in a different way from NAT (one device has many addresses instead of many devices having one address).

    • blackstrat@lemmy.fwgx.uk
      18 days ago

      If you are using SLAAC with basically random addresses then your device-specific firewall rules break or aren’t creatable in the first place.

      • Coelacanthus@infosec.pub
        18 days ago

        No. It’s not random. SLAAC uses EUI-64 by default; it generates a fixed /64 suffix from the MAC. And with the suffix match of nftables you can still do device-specific incoming firewall rules. The random privacy address is only used for outgoing traffic, so just blocking all other incoming IPv6 addresses except EUI-64 is enough.
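
The suffix match described in the comment above, worked through as an added example that is not part of the thread: it derives the modified EUI-64 interface identifier from a MAC and builds the nftables match expression that stays valid when the delegated prefix changes. The MAC, the 2001:db8:: documentation-prefix addresses, the port and the function names are constructed for illustration, and the host is assumed to actually configure an EUI-64 address.

```python
import ipaddress

# nftables bitmask selecting the low 64 bits (interface identifier) of an address.
IID_MASK = "::ffff:ffff:ffff:ffff"


def eui64_iid(mac: str) -> ipaddress.IPv6Address:
    """Modified EUI-64 interface identifier (RFC 4291, Appendix A) for a 48-bit MAC."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError(f"expected a 48-bit MAC, got {mac!r}")
    # Flip the universal/local bit of the first octet and insert ff:fe in the middle.
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return ipaddress.IPv6Address(int.from_bytes(iid, "big"))


def matches_device(addr: str, mac: str) -> bool:
    """True if the low 64 bits of addr equal the EUI-64 identifier derived from mac."""
    mask = int(ipaddress.IPv6Address(IID_MASK))
    return int(ipaddress.IPv6Address(addr)) & mask == int(eui64_iid(mac))


def nft_rule(mac: str, dport: int) -> str:
    """Rule expression accepting inbound TCP to this device under any /64 prefix."""
    return f"ip6 daddr & {IID_MASK} == {eui64_iid(mac)} tcp dport {dport} accept"


if __name__ == "__main__":
    mac = "52:54:00:12:34:56"  # constructed sample MAC
    print(nft_rule(mac, 22))
    samples = [
        "2001:db8:1:2:5054:ff:fe12:3456",      # EUI-64 address, current prefix
        "2001:db8:ffff:9:5054:ff:fe12:3456",   # same device after a prefix change
        "2001:db8:1:2:a1b2:c3d4:e5f6:789",     # temporary privacy address
    ]
    for addr in samples:
        print(addr, "->", "match" if matches_device(addr, mac) else "no match")
```

The temporary address does not match the rule, so with a default-drop policy on the inbound path unsolicited traffic to it is dropped, while replies to the host's own outgoing connections are normally admitted by a separate established/related rule.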