undefined | Better HN

0 pointsDylan168078mo ago0 comments

> For a whitelist system, then by definition yes?

A whitelist system would consider all IPv4 traffic suspicious by default too. This is not an answer to why you'd be suspicious of IPv6 in particular.

> I’ve not heard of any feasible solution more precise than banning huge ranges of ipv6 addresses.

Handling /56s or something like that is about the same as handling individual IPv4 addresses.

0 comments

I try to build things to be INET6 ready, and just repeat /64s like a single host. Eventually this will probably have to broadened to /56s or /48s.

> A whitelist system would consider all IPv4 traffic suspicious by default too.

Based on what argument…?

The definition of whitelisting. The argument you brought up.

No…? Someone can clearly implement a whitelist system that applies only to ipv6… but that makes no judgement on ipv4.

j / k navigate · click thread line to collapse