mdns-discovery-proxy VS ipv6-ghost-ship

> Using ULA … the network side of our private internet space is only 6 characters

How do you fit the fixed 8-bit ULA prefix (fd00::/8) plus the 40 random bits you're supposed to use for the Global ID (per RFC 4193) into six hex characters? It should be at least 12, e.g. fdXX:XXXX:XXXX::/48.

As for remembering addresses, yes, just use (m)DNS. You can even set up an mDNS Discovery Proxy[0][1] so that devices which don't support mDNS themselves can resolve the names via regular unicast DNS.

[0] https://www.rfc-editor.org/rfc/rfc8766.html

[1] https://github.com/mkuron/mdns-discovery-proxy

If each RIR is limited to one /3, they can hand out 2^45 /48’s or over 8,000 entire IPV4 worth of addresses that can than be each subnetted 2^16 times and each subnet support billions upon billions of hosts. And if we reserved a private address space at another single /3 like 10.0.0.0 is for IPV4 each one of those billions of hosts could have 2^45 addresses behind them as well. Even if there were 15 billion humans and 15 billion businesses and government entities and so on, a single /3 could provide enough /48s with over a billion of addresses to spare. IPV6 has no lack of addresses.

Allowing for hosts to use a full /64 allow for additional features such as an “address TOTP” like this[0]. I will concede that they implemented this with just a /80.

[0]: https://github.com/aidansteele/ipv6-ghost-ship

IPv6-ghost-ship: Using TOTP as part of an AWS EC2 IPv6 address\ (37 comments)

Good point, just had a look at the code. The NF queue will receive packets from all IPs in the /80 and they are all processed and validated by the ghost program that reads from the queue. So it could do the rate limiting there with full visibility.

https://github.com/aidansteele/ipv6-ghost-ship/blob/main/mai...