"...they're looking at how to monetize internet service, and of course the idea is maximize the number of users you can put up with the IP address space, and so NATs are a ... natural outcome of a business motivation for increasing total amount of service that you can give with one IP address." -- Vint Cerf
There you go folks: NATs are a tool of capitalism. Cast off your NATs and deploy #IPv6 today!
"And I realized, when you go through any endeavor, any journey, whether across town or to the moon and back, all that matters is that you share the experience with people that you love. That’s what makes life special, ‘cause ultimately, that’s all there is. That’s really all there is."
-- Alan Bean, fourth man on the moon
Litany against NAT
apologies to Frank Herbert
I must not NAT.
NAT is the net-killer.
NAT is the little-death that brings total obliteration.
I will face my NAT addiction.
I will permit it to pass over me and through me.
And when it has gone past I will turn the inner eye to see its path.
Where the NAT has gone there will be a proper firewall.
Only IPv6 will remain.
I have my phone set to auto-deny any number that is not in my contact list to combat the ever increasing amount of spam I've been getting. Unfortunately there is one insurance scammer that has taken to leaving voicemails. Multiple VMs a day for the last two weeks.
I contacted my provider about disabling my VM box altogether. They do not support this. You can, however, redirect missed calls to another number instead.
I now send missed calls to: https://github.com/pjf/rickastley
Eat Rickroll, spammers!
They still don't know what caused this. They didn't tell me outright I had to take a new prefix, but they strongly recommended it. I said let's assume I'm getting it all back because hey this isn't my screw up, and we still don't understand what's going on. We can always get me a new prefix later if we learn something more about this.
Spoke to a third CSR this weekend about this. Agitation rising. Somebody in ops needs to update the bleeping ticket!
OK, the temporary /64 does work. They set the route target to the SLAAC address that I wasn't using rather than the address the existing /56 was set to.
No update this morning. Called back to push things along. They assigned me a temporary /64 so I could at least get my MX going again, but that isn't working either. They've royally effed up routing to my node.
Ticket open for 24 hours. "Escalated" 8 hours ago. Still no update. I guess I'll go to bed and hope for something in the morning, but I kinda doubt it.
Coming up on 6 hours later and the only update from Linode's side has been "Please send us mtr output". I explained that I can get to Linode just fine and reiterated what I think is going on. I sent the mtr info along so they can't say I'm being difficult.
There's something I never thought I'd have to do. Just had to escalate a ticket with Linode. Looks like they reassigned some of my #IPv6 /56 out to another customer. I've had that range for 9¾ years, so this should be interesting.
> For those who are having problem with this, you should be able work around it by copying /usr/lib/systemd/network/99-default.link to /etc/systemd/network/99-default.link and replace MACAddressPolicy=persistent with MACAddressPolicy=none in the latter, which should prevent udev from doing anything relevant. [...]
Don't change shit on me between boots!
I HATE SYSTEMD!
No, it changed the MAC address of the first interface, which it then used for the address of bond0. Still same effect.
STOP MESSING WITH MY ADDRESSES!
I am really getting tired of systemd. I applied updates for Debian 11.1 and rebooted. It decided to assign a new MAC address to bond0 instead of using the permaddr of the first interface. This causes SLAAC to assign a whole new #ipv6 address and DNS is no longer accurate.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!