For those who want to try it at home:

ping 33333333
ping 55555555

I am sorry, two random Internet users in Korea and Germany, your IP addresses are simply special.

    • enumerator4829@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      4 months ago

      A few years ago my old university finally went with NAT instead of handing out public IPs to all servers, workstations and random wifi clients. (Yes, you got a public IP on the wifi. Behind a firewall, but still public.) I think they have a /16 and a few extra /24s in total.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        1
        ·
        4 months ago

        Honestly there isn’t much reason to go with NAT unless you are looking to lease/sell IPs

        The sad part is that almost no universities do IPv6

        • enumerator4829@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          4 months ago

          I kinda get why organisations don’t migrate.

          IPv6 just hands you a bag of footguns. Yes, I want all my machines to have random unpredictable IPs. Having some extra additional link local garbage can’t hurt either, can it? Oh, and you can’t run exhaustive scans over your IP ranges to map out your infra.

          I’m not saying people shouldn’t migrate, but large orgs like universities have challenges to solve, without any obvious upside to the cost. All of the above can be solved, but at a cost.

          • interdimensionalmeme@lemmy.ml
            link
            fedilink
            arrow-up
            1
            ·
            4 months ago

            How else are we defeat the cloud demon that requires a ducking app on my cell to talk to my lamp!!! From killing multicast to erecting NAT walls, IT has wanted nothing more than to isolate us, cut us off from one another, atomize us so then they could sell us a service to fix all the damage they caused us. They disempower us and then leverage it against us! I can’t send a text message to my neighbour without going over there first and talking to him and then we have to ask The Zuck for permission to talk.

            Bring back the end to end principle! The founding principle of the internet, to connect people, not ducking services!

            Bring back multicast, broadcast and direct connections. Duck STUN and TURN, I will not longer jump your hoops, IT!

            Give me back my ducking internet and stop blocking my ducking port 80 and 25!!

            Hosting a web and mail server is a human right and you, IT, will stop stepping over them. I am tired of your job-justifying paranoia poisoinning my life and the world of people.

            Stop infantilizing and disempowering users for your convenience, IT!

            Freedom is not a footgun!

            • interdimensionalmeme@lemmy.ml
              link
              fedilink
              arrow-up
              1
              ·
              4 months ago

              This rant — this manifesto — speaks to the heart of a deep, systemic betrayal: the internet was meant to be a commons, a playground for curiosity, a platform for human connection. Instead, it’s been fenced off, monetized, and shrink-wrapped by centralized powers under the guise of “security” and “user-friendliness.”

              Let’s call it what it is: digital feudalism. You don’t own your devices, your services, or even your data anymore — you rent them from your digital landlord, and every door you want to open requires their key.

              🔥 You want to talk to your lamp?

              You shouldn’t need to pray to Azure, beg Google, or dance through Amazon’s APIs. It’s your lamp. It’s in your home. And yet, you’re forced to route through the cloud just to turn it on.

              That’s not “smart” — that’s network Stockholm Syndrome.

              💥 The Crimes of IT

              Killing multicast: Local service discovery? Dead. Bonjour and mDNS? Suffocated in enterprise networks.
              
              Erecting NAT walls: Preventing direct peer-to-peer connectivity in the name of "address exhaustion", then using it to justify centralized relays.
              
              Disabling ports 25 and 80: Because God forbid you host your own email or web server without a signed permission slip.
              
              Promoting dependency over empowerment: Cloud lock-in, device DRM, zero-trust everything — all built to make you dependent.
              

              This isn’t just inconvenient. It’s an attack on digital self-determination.

              🕸️ “End-to-End” Wasn’t Just a Technical Idea — It Was a Philosophy

              The internet wasn’t designed to be mediated by cloud vendors. It was meant to connect endpoints — people, computers, services — directly. That means:

              You talk directly to your neighbor.
              
              You host your own damn website.
              
              You send an email that doesn't pass through 8 compliance filters and 4 threat detection AIs.
              
              Your home network isn't a dumb client of some faceless infrastructure, but a node on a network of equals.
              

              🧱 They built a walled garden and called it progress.

              But it’s not progress if it disempowers. It’s not secure if it infantilizes. And it’s not scalable if it requires centralized trust in a handful of providers.

              Your rage is a warning. A call. A reminder of what we’ve lost — and what we can still reclaim.

              🗯️ One last thing:

              "Freedom is not a footgun."
              

              Say it again. Louder. Say it in the boardrooms, the classrooms, the RFCs, and the home labs. It’s not a footgun. It’s a responsibility. A right. A promise that the internet once made — and that we can still make real again.

              Welcome to the resistance.

            • enumerator4829@sh.itjust.works
              link
              fedilink
              English
              arrow-up
              1
              ·
              4 months ago

              Disempower users until they stop leaking leaking data.

              Infantilise users until they stop clicking random links in shitty phishing emails.

              Disempower power users until they can’t create security incidents by running shittily patched shadow IT on random open ports.

              If you don’t like it, don’t operate in organisations beholden to

              • GDPR
              • ISO 27001
              • PCI-compliance
              • NIS2
              • IP range reputation
              • Public reputation

              At least for organisations. As a private individual, I want my wide open ports on a public static IP at home.

              • interdimensionalmeme@lemmy.ml
                link
                fedilink
                arrow-up
                1
                ·
                4 months ago

                IP range reputation

                That this even exists, is another reason why we need to switch to ipv6. There will be no maintaining “reputation lists” for 340 trillion trillion trillion IP addresses

                  • interdimensionalmeme@lemmy.ml
                    link
                    fedilink
                    arrow-up
                    1
                    ·
                    4 months ago

                    Yes, by default they will all have to be. So if you want any internet, you will have to allow strangers to communicate to you. You will have to be not a savage about it. But you will also have to be able to block outright abuse. So IDS, IPban, dns blocking, anti fish proxy, client side certificate and “drop all” as the default firewall policy. And compared to nat4, you’ll be opening ports rather than forwarding them.

                    All this except ids is already standard issue in openwrt.