this post was submitted on 13 Jul 2023
116 points (95.3% liked)

Selfhosted

40042 readers
777 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

The question above for the most part, been reading up on it. Also want to it for learning purposes.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 5 points 1 year ago (1 children)

How does that work, having the same IP internally and externally?

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago) (1 children)

A good ISP that supports IPv6 will give you a /64 range. That's a huge number of IPs, 2^64. Easily enough for every device on your network to have a lot of public IPs. If you use Docker or VMs, you could give each one a public IPv6 address.

When every device on your network can have a public IP, there's no longer a reason to have private IPs. Instead, you'd use firewall rules for internal-only stuff (ie allow access only if the source IP is in your IPv6 range).

This is how the internet used to work in the old days - universities would have a large IP range, and every computer on campus would have a public IP.

Of course, you'd still have a firewall on your router (and probably on your computers too) that blocks incoming connections for things you don't want to expose publicly.