IPv6 is so much better. Have a bunch of different services at home, just add rules to allow what I want through the router firewall, and they can each provision a Let's Encrypt certificate (as they each have a port 80 and port 443, instead of having to share the), and each be accessible from the Internet (without having to set up port forwarding).
@sgryphon ...share the IP, right?
Interesting. However, you have still to set up ipv4 if you want to be reached from ipv4 networks, right?
@aluaces to be more specific, you don't need to set up IPv4 on the IPv6 machine, or your internal network, hence simplifying as you only need one set of configuration, one firewall, etc. (compared to dual stack).
You do however need to have IPv4 access on some other (single) machine to act as an outgoing NAT64 / incoming proxy.
But this is largely the same for IPv4 as you only have private IPv4 addresses so for outgoing need to go through NAT44 and incoming needs to port forward/proxy.
The gateway needs a public IPv4 address in both cases, but the rest of the IPv4 world does not know (can not tell) if your internal network is an IPv4 private range or IPv6.
@sgryphon Much appreciated! I was not challenging the idea of going ipv6-only, but just making sure that the steps to follow when targeting ipv4 clients involve some sort of natting.
Your posts were very clear and useful to me.
@aluaces IPv4 usually require NAT anyway.
At least with an IPv6 server there is only one NAT, compared to hosting provider NAT to 10.x range, then virtual machine NAT to 192.168 range, then container NAT to 172.16 range.
An IPv4 private 172.16 k8s pod is as unreachable by an IPv4 client as IPv6. Any solution with IPv4 (even without IPv6) needs NAT.
@aluaces to make an IPv6 site available to IPv4 you need someone with an IPv4 address to provide a proxy. e.g. my hosting provider, Mythic Beasts, provides that for all customers.
Some content delivery networks (CDNs) also provide IPv4 proxy services. Some CDNs have free tiers, try Cloudflare.
Otherwise you need to pay for a very cheap dual stack server (all it needs do is proxy).
If you don't want general availability, you could also try an IPv6 tunnel broker, that will run an tunnel (over IPv4) to your device, e.g. laptop, allowing it to access IPv6 only resources. Try Hurricane Electric.
Again note that if you are self hosting on IPv4 then you would also be using NAT to the private range. The difference is not NAT (both use it), but whether you have an IPv4 address to use with the NAT.