• Quick IPv6 question - granularity of addresses

    From David@21:1/5 to All on Wed Sep 18 17:27:56 2024
    Capturing this thought in passing.

    IPv6 was designed (IIRC) so that users would never ever run out of IP addresses.

    So each smart device in your home could have their own address, no need to share using NAT.

    For a PC such as this (and no, VM don't support V6) would you expect the
    PC to have one unique address, or for programmes running on the PC each to
    have their own IP address?
    For example Chrome and Edge to have different IPv6 addresses?
    WhatsApp and Signal to have different IPv6 addresses?

    TIA


    Dave R


    --
    AMD FX-6300 in GA-990X-Gaming SLI-CF running Windows 10 x64

    --
    This email has been checked for viruses by Avast antivirus software. www.avast.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Ian@21:1/5 to David on Thu Sep 19 07:32:22 2024
    On 2024-09-18, David <wibble@btinternet.com> wrote:
    Capturing this thought in passing.

    IPv6 was designed (IIRC) so that users would never ever run out of IP addresses.

    So each smart device in your home could have their own address, no need to share using NAT.

    For a PC such as this (and no, VM don't support V6) would you expect the
    PC to have one unique address, or for programmes running on the PC each to have their own IP address?
    For example Chrome and Edge to have different IPv6 addresses?
    WhatsApp and Signal to have different IPv6 addresses?

    TIA

    One* (global) address per PC** would be usual. Theoretically, you could allocate
    multiple global IPs and get each application to bind to a specific one, but I dobut malware like Chrome/Edge/WhatsApp/Signal etc. exposes this functionality.

    * One of the irritating "design" decisions fo IPv6 was to normalise having multiple addresses per interface. You get a link-local and a global IPv6 address
    just for starters.

    ** Strictly per interface, but a "PC" will typically only have one interface.

    --
    Ian

    "Tamahome!!!" - "Miaka!!!"

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Daniel James@21:1/5 to Ian on Thu Sep 19 12:13:38 2024
    On 19/09/2024 08:32, Ian wrote:
    ** Strictly per interface, but a "PC" will typically only have one interface.

    True, but it's not uncommon for a PC to have WiFi (and also wired
    ethernet) and so two addresses. Even Raspberry Pis (those that have a
    wired network port) do that.

    --
    Cheers,
    Daniel.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Richard Kettlewell@21:1/5 to David on Thu Sep 19 15:11:05 2024
    David <wibble@btinternet.com> writes:
    Capturing this thought in passing.

    IPv6 was designed (IIRC) so that users would never ever run out of IP addresses.

    So each smart device in your home could have their own address, no need to share using NAT.

    For a PC such as this (and no, VM don't support V6) would you expect the
    PC to have one unique address, or for programmes running on the PC each to have their own IP address?
    For example Chrome and Edge to have different IPv6 addresses?
    WhatsApp and Signal to have different IPv6 addresses?

    Servers sometimes use different addresses to different services, but for desktop applications that would be unusual at best, and they don’t
    generally have any mechanism to bind their outbound connections to a
    specific local address - they will use whatever source address the OS
    gives them.

    Virtual machines and containers are sometimes given their own public
    addresses, and depending on platform it may be possible to use the same underlying mechanism to achieve the same effect for desktop
    applications. For example under Linux you should be able to do it by
    running the application in a suitably configured network namespace.

    --
    https://www.greenend.org.uk/rjk/

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Theo@21:1/5 to Ian on Thu Sep 19 15:16:06 2024
    Ian <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com> wrote:
    One* (global) address per PC** would be usual. Theoretically, you could allocate
    multiple global IPs and get each application to bind to a specific one, but I dobut malware like Chrome/Edge/WhatsApp/Signal etc. exposes this functionality.

    You often have more than one IPv6 address. One stable one for 'incoming' traffic (servers running on the machine) and another for 'outgoing' traffic, that changes regularly. This prevents fingerprinting you based on the IP (where otherwise websites would be able to 'see behind' the router and fingerprint devices, whereas it all appears from the same NATted IPv4).

    Because you may have pre-existing connections from an old outgoing IP, that
    may hang around even if new connections use its successor(s). So your interface may have a series of addresses associated.

    If you wanted to keep them separate, you could coerce say Facebook and
    Whatsapp apps to use different outbound IPs so they couldn't correlate traffic between the two. That would either require some tweaks with the network
    stack, or have them run in containers and then pass through traffic.

    ** Strictly per interface, but a "PC" will typically only have one interface.

    More than you think - wifi, ethernet, LTE, bluetooth, USB network adapters...

    Theo

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From David@21:1/5 to Theo on Fri Sep 20 11:51:45 2024
    On Thu, 19 Sep 2024 15:16:06 +0100, Theo wrote:

    Ian
    <${send-direct-email-to-news1021-at-jusme-dot-com-if-you-must}@jusme.com> wrote:
    One* (global) address per PC** would be usual. Theoretically, you could
    allocate multiple global IPs and get each application to bind to a
    specific one, but I dobut malware like Chrome/Edge/WhatsApp/Signal etc.
    exposes this functionality.

    You often have more than one IPv6 address. One stable one for
    'incoming'
    traffic (servers running on the machine) and another for 'outgoing'
    traffic,
    that changes regularly. This prevents fingerprinting you based on the
    IP (where otherwise websites would be able to 'see behind' the router
    and fingerprint devices, whereas it all appears from the same NATted
    IPv4).

    Because you may have pre-existing connections from an old outgoing IP,
    that may hang around even if new connections use its successor(s). So
    your interface may have a series of addresses associated.

    If you wanted to keep them separate, you could coerce say Facebook and Whatsapp apps to use different outbound IPs so they couldn't correlate traffic between the two. That would either require some tweaks with the network stack, or have them run in containers and then pass through
    traffic.

    ** Strictly per interface, but a "PC" will typically only have one
    interface.

    More than you think - wifi, ethernet, LTE, bluetooth, USB network
    adapters...

    Theo

    Very interesting, thank you.

    I cam across this through trying to tie an IPv6 address to an end user -
    seeing if the same IP address was always used, and if not, was the user
    moving between locations or just changing IPv6 address for the same PC (or phone/tablet).

    Cheers



    Dave R

    --
    AMD FX-6300 in GA-990X-Gaming SLI-CF running Windows 10 x64

    --
    This email has been checked for viruses by Avast antivirus software. www.avast.com

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)