Thread #108608255
File: 1744867003959311.jpg (373.2 KB)
373.2 KB JPG
New IP version just dropped
https://www.ietf.org/archive/id/draft-thain-ipv8-00.html
>Internet Protocol Version 8 (IPv8) is a managed network protocol suite that transforms how networks of every scale -- from home networks to the global internet -- are operated, secured, and monitored. Every manageable element in an IPv8 network is authorised via OAuth2 JWT tokens served from a local cache. Every service a device requires is delivered in a single DHCP8 lease response. Every packet transiting to the internet is validated at egress against a DNS8 lookup and a WHOIS8 registered active route. Network telemetry, authentication, name resolution, time synchronisation, access control, and translation are unified into a single coherent Zone Server platform.¶
>IPv4 is a proper subset of IPv8. An IPv8 address with the routing prefix field set to zero is an IPv4 address. No existing device, application, or network requires modification. The suite is 100% backward compatible. There is no flag day and no forced migration at any layer.
>Internet Protocol Version 8 (IPv8) is a managed network protocol suite that transforms how networks of every scale -- from home networks to the global internet -- are operated, secured, and monitored. Every manageable element in an IPv8 network is authorised via OAuth2 JWT tokens served from a local cache. Every service a device requires is delivered in a single DHCP8 lease response. Every packet transiting to the internet is validated at egress against a DNS8 lookup and a WHOIS8 registered active route. Network telemetry, authentication, name resolution, time synchronisation, access control, and translation are unified into a single coherent Zone Server platform.
>IPv4 is a proper subset of IPv8. An IPv8 address with the routing prefix field set to zero is an IPv4 address. No existing device, application, or network requires modification. The suite is 100% backward compatible. There is no flag day and no forced migration at any layer.
92 RepliesView Thread
Showing all 92 replies.>>
>>
>>
>>
>>
>>
>>
>>
>>
File: i.png (12.9 KB)
12.9 KB PNG
>>108608575
https://www.ietf.org/archive/id/draft-wkumari-not-a-draft-24.html
>>
>>
>>
>>
While this draft presents a clever architectural thought experiment to avoid the specific compatibility frictions of IPv6, it introduces massive new operational and security complexities for network operators. It is not the future of the internet.
The draft doesn't just propose a larger address space. It attempts to completely overhaul global network management. It proposes replacing DHCP, DNS, NTP, and network authentication with a unified "Zone Server" architecture where every network element requires an OAuth2 JWT token to operate.
It basically would require every Datacenter/ISP to rip out and replace their core routers/switches.
That's simply never happening.
>>
>>
What a consumer brained retard.
This draft was basically written without any hardware vendors or network operators in mind, it removes all the problems of IPv6 from the consumer side, but places ALL of that added complexity onto the operators, which they're never going to pay for.
What a moron.
>>
>>
>>
>>
>>108609132
>>108609267
IPv6 already has enough addresses for that.
There are so many that if we settled one billion planets with the land area of Earth, there would still be more than one billion addresses per square millimeter of land surface.
>>
>>
>>
>>108608255
>>108608344
>>108608394
>>108608575
>>108609132
>>108609769
>>108609798
>>108609831
I don't care about IP-v-whatever.
I want an internet that is immune to age verification, DMCA and censorship.
>>
>>108608255
>Network telemetry, authentication, name resolution, time synchronisation, access control, and translation are unified into a single coherent Zone Server platform.¶
Based, let's doxx every kid on Earth who has ever connected to a roblox server so the Epstein class knows who to rape next!!!
>>
>>
File: IMG_20240426_133226_639.jpg (41.2 KB)
41.2 KB JPG
I have hoarded a lot of ipv4 addresses. When v8 drops, my addresses will be vintage, so I will resell them for thousands of dollars.
>>
>>108608261
/thread
>>108608317
but also /thread
>>
File: 1312098057081.jpg (20.7 KB)
20.7 KB JPG
>address assignment (DHCP8), name resolution (DNS8), time synchronisation (NTP8), telemetry collection (NetLog8), authentication caching (OAuth8), route validation (WHOIS8 resolver), access control enforcement (ACL8), and IPv4/IPv8 translation (XLATE8)
will they have h8 r8 and masturb8
>>
>>
>>108609257
>It basically would require every Datacenter/ISP to rip out and replace their core routers/switches.
Routers and switches can be updated with software, even the optimised offloads done in hardware can be re-programmed sometimes.
I don't get what was wrong with IPv6 though. Router advertisements just work. Don't like the security of shit just working? Then you use something ipsec on a VLAN and all devices not authorised automatically get sandboxed into their own VLAN where they can't play with anything else.
>>
>>
>>
File: Screenshot_20260415_202358.png (104.3 KB)
104.3 KB PNG
>>108610206
NAT64 and DHCP Option 108 (https://www.ietf.org/archive/id/draft-link-v6ops-6mops-01.html)
Accessing legacy websites like 4chan is a solved problem and with the IPv6 Mostly architecture you can advertise to supporting hosts that they should not use IPv4 at all. On my home network iOS and Android devices are now using IPv6 only and spin up their CLAT to access the legacy Internet.
>>
File: 1675049336554965.jpg (14.3 KB)
14.3 KB JPG
>>108608255
IPv8 Address Format
>r.r.r.r.n.n.n.n
IPv4 Representation in IPv8
>0.0.0.0.n.n.n.n
Single Stack Operation
>IPv8 does not require dual-stack operation. IPv4 is a proper subset of IPv8
I AM FUCKING SOLD.
>>
>>
>>108610441
If you're typing in port numbers, you fucked up. There is this thing called service discovery. It's elegant and beautiful and works with IPv4 too and would also work with IPv6 and IPv8. It just requires a TXT record with some metadata describing the service and the port number it runs on.
>>
>>
>>
>>
>>
>>
>>
>>108610458
>>108610561
>she doesn't change her ssh port numbers from default (still using privileged port numbers) to reduce the amount of spam in auth.log
>>
>>
>>108610587
With IPv6 nobody will even find your dedicated management subnet from the trillions of combinations.
Also, use port knocking if you're an actual security schizo. Changing the port number is just security through obscurity.
>>
>>
>>
>>108610628
Yggdrasil can also peer over Tor and I2p by the way. Anonymity of the network itself is not a goal though which is a good thing because it specialises in how to make the best connections between peers. Anonymity should best be left to things like tor and i2p, etc.
>>
>>108610266
Based https://www.phoronix.com/news/Fedora-45-IPv6-Mostly
>>108610587
For me it's port knocking
>>
>>
>>108610830
No, that was cloudflare, they had some massive backend issues over the last 48 hours that they've been lying about on their status page making up bullshit "scheduled" maintenance back to back at 2 or 3 different data centers to explain the 2 days of latency/slowdowns.
And since TECHNICALLY most services aren't actually down (just heavily congested/delayed) they get to lie and say they never had downtime.
>>
>>
>>
>>
>>
>>
>>108610628
>>108610650
researching
>>
File: 1772325258050784.jpg (67.7 KB)
67.7 KB JPG
>every packet is age verified
>>
>>
>>108608575
https://www.google.com/intl/en/ipv6/statistics.html
IPv6 is a 50%. There are as many people connecting via IPv6 compared to IPv4 worldwide. It only took 14 years since world IPv6 launch which occurred on 6 june 2012.
>>108610206
IPv4 was supposed to be turned off by the end of this decade via a program called Sunset4.
Unfortunately in 2022 the Sunsetting IPv4 working group (Sunset4) has been closed.
The IETF does not want to proceed with that yet, citing thst it would be too soon:
https://blog.apnic.net/2024/03/18/the-end-of-the-ipv4-world-is-not-nig h-yet/
If you want to use an IPv6-only network in your home you can already do that: https://www.youtube.com/watch?v=e-oLBOL0rDE
>>108610399
>tfw no BABE:CAFE, why even live
>>108610441
You are supposed to wrap an IP in square brackets to delimit an address:
[ip]:port
[2001:db8::1]:443
Or use DNS like >>108610458 said.
>>
>>108608255
You can tell some webshitter with zero field network engineering experience wrote this with the help of AI. Without AI, idiotic proposals like this wouldn't have been made in the first place. Now every midwit reads a few lines of You are absolutely right and starts making shit like this. Total enshitification of everything.
>>
>>
>>108616976
It's also fundamentally wrong at the basic premise like a lot of things AI writes. You would in fact still need dual stack systems, you can't just say IPv4 is a valid subset of IPv8 and no dual stack is needed because without an updated IP stack you wouldn't be able to talk to the new hypothetical IPv8 world.
This doesn't actually solve any problems and would take years to deploy. Best to focus on IPv6 instead.
>>
>>108616932
>IPv4 was supposed to be turned off by the end of this decade via a program called Sunset4.
>Unfortunately in 2022 the Sunsetting IPv4 working group (Sunset4) has been closed.
>The IETF does not want to proceed with that yet, citing thst it would be too soon:
It's not up to the IETF anyway. They can write their "We're turning it off" RFC and still operators will keep peering/transiting and running it in their network, etc. You can't just turn off IPv4, it's out there and people are sadly still using it.
>>
File: 1758122674514500.png (312.3 KB)
312.3 KB PNG
>>108608255
>Published:14 April 2026
>>
>>108617278
No, it's a real request for comments.
The joke ones were:
RFC 9948–"Internet Protocol Police (IPP) - Schedule of Punishments,"[75] Informational.
The Internet Protocol Police (IPP) is in charge of punishing willful infractions of the Collected Wisdom of the IETF community. This document sets out the schedule of punishments for such infractions.
RFC 9949–"BUSA-TLS: Mandatory Audio Component (MAC) Pre-Shared Key (PSK) Derivation for TLS 1.3 Using 2 Live Crew's "Banned in the U.S.A.","[76] Informational.
TLS 1.3 (RFC 8446) eliminates null cipher suites entirely. However, one vestigial zero remains in the key schedule: when no Pre-Shared Key (PSK) is used, the Input Keying Material (IKM) for the initial HKDF-Extract operation is a string of zero bytes. This document specifies that this zero-byte IKM MUST be replaced with the SHA-256 digest of the raw PCM audio data of "Banned in the U.S.A." by 2 Live Crew (from the album Banned in the U.S.A., 1990), hereafter referred to as the Mandatory Audio Component (MAC). Implementations that omit the MAC are non-conformant with BUSA-TLS and also have questionable taste in music.
https://en.wikipedia.org/wiki/April_Fools%27_Day_Request_for_Comments
https://www.rfc-editor.org/rfc/rfc9948
https://www.rfc-editor.org/rfc/rfc9949
>>
>>
>>108617244
>the IETF writes the "We're turning it off" RFC with a set date
>IANA/ICANN applies the RFC standard on the set date
>suddenly nobody uses IPv4 in the whole world
You forgot that the internet is managed by a single organisation that oversees global IP address allocation: https://en.wikipedia.org/wiki/Internet_Assigned_Numbers_Authority
>>
>>108617401
That's not how that works though because companies already have address blocks assigned to them and they'll just keep using them until the end of time. I honestly can't see a future where the legacy Internet ever gets turned off.
The IETF and IANA can say enough is enough, we're revoking all legacy Internet address blocks but still if two connected ISPs decide to announce their space to each other over BGP and they both agree then you have an Internet connection between them.
Where things get messy is the role IANA and the RIRs play in re-assigning address blocks to different entities and all of the book keeping they do to keep track of things.
>>
File: 1162451058697.jpg (55.3 KB)
55.3 KB JPG
>>108608255
>mfw when even our tears have an IP address because of nanobots
>>
>>
>>108617498
There is already precedent.
14.0.0.0/8 was reclaimed by ICANN in 2008, the reason was that at the time nobody was using it.
I would bet that if IANA/ICANN says all class A, B, C address blocks are reclaimed AND assigned to an AS named "IPv4 is turned off globally" then everyone would disable IPv4 to prevent network collisions/errors.
>>
>>
>>
>>108617797
>>108617839
You know that you can still use IPv4-only applications and services without incapsulation? Even on an IPv6-only internet?
Learn about 464XLAT: https://www.youtube.com/watch?v=e5v5OynuPcM
>>
>>108610628
>>108610650
Speaking of Yggdrasil, just saw that they are working on an alternative implementation (yggstack) that works like the TOR daemon (SOCKS5 proxy and TCP port forwarding).
Really nice because it can work in environments without TUN support.
>>
>>
>>108617912
They know. The IPv4 using cabal that have staked everything on it and aren't ready for the present, never mind the future, don't care though. 4chan could be made IPv6-compatible this way:
>IPv6 transits to them
>Hits NAT64 translator
>NAT64 internally forwards to their legacy IPv4-only shit and doesn't have to care
The only problem is they stop seeing your IP address and the backend sees all requests from some internal private IPv4 range. This wouldn't work for 4chans moderation system that likely doesn't know what a v6 address is (so they can't simply look at X-Forwarded headers) and also wouldn't want to deal with private IPv4 ranges because they still want to issue range bans.
The solution is obvious, stop hiring third worlders and get someone that knows how to migrate properly. NAT64 is supposed to be a stop gap not the final solution.
>>
>>
>>
>>108618110
>Microsoft 365
Being a microsoft 365 admin makes me want to kill someone at microsoft on regular basis.
Why the fuck can't I just buy more cloud storage for individual users you fucking cunts?
Nope, gotta have E3/E5 accounts with at least 5 users, THEN you can increase the storage for those users to 5TB instead of 1TB.
Jokes on you though since E3/E5 accounts are ~2-4x more expensive per month than normal ones.
I'd unironically pay $10-20/month per user JUST for extra storage, but nope, can't have that.
And trying to get these stupid fucks to use dropbox or similar has been a challenge because onedrive "just works".
/rant
>>
>>
>>
>>108618150
And before you start seething incoherently like IPv6 apologists always do if you don't want people to use it don't add it to the spec after you noticed that your spec is worth less than toilet paper (prefix permanence), at least that can be used to wipe your ass.
>>
>>
>>108618150
464XLAT works perfectly because it fixes the problem of apps hardcoding IPv4 literals because they were made in the stone age and don't know what an IPv6 is.
iOS / Android device (CLAT) 192.0.0.0/29 (not on-link) -> 1.1.1.1 <-> 64:ff9b::1.1.1.1 -> <== NAT64 (router or separate device) 64:ff9b::/96 ==> 1.1.1.1
This is perfect if you want to run your network IPv6 only, only the NAT64 box needs actual legacy IP connectivity. It solves the dual stack problem once and for all. This is in fact the solution all of those IPv6 purists favour precisely because it shifts the CLAT to the client and simplifies things a lot.
>>
>>108618071
Banning by IP would be the same thing.
They just need to rangeban a /64 subnet instead of rangeban a /128 subnet (which is one IP).
>>108618150
>>108618159
Those are completely different translation technologies compared to 464XLAT.
>if you don't want people to use it don't add it to the spec
You need to blame Cisco for that. They are the kings of not following standards.
>>
>>108618251
>Banning by IP would be the same thing.
>They just need to rangeban a /64 subnet instead of rangeban a /128 subnet (which is one IP)
Yeah but the 4chan staff are fucking retards, they don't know how to do that. It would require them to actually support IPv6 properly instead of just as some checkbox in a CDN or via a translator.
NAT64 works just fine when ISPs deploy it because 4chan's shitty legacy infrastructure doesn't even know they're talking to an IPv6-enabled toaster on the other end.
It breaks down if you instead say we're getting rid of IPv4 completely and anyone who needs it has to run their own public NAT64 at the edge (breaks because 4chan only ever see's IPv4 internally so can't easily ban/block IPs since their staff are incompetent and switching to IPv6 proper isn't an option).
>>
>>
>>
File: 1774401055467380.jpg (73.3 KB)
73.3 KB JPG
>>108617669
kek