| 22 Mar 2025 |
 crispycat [they]π΄ββ οΈ | i should mention i also have a very cursed vps-to-reverse-proxy wireguard tunnel thing set up that's pretty much invisible to the rest of the network | 23:27:15 |
| crispycat [they]π΄ββ οΈ | In reply to @lucasmz:catgirl.cloud
What's intranet meant to be π€ printers, cameras, other things that should under no circumstances have internet access | 23:27:35 |
 lucasmz | In reply to @crispycat:calitabby.net
printers, cameras, other things that should under no circumstances have internet access Ahh OK | 23:27:44 |
| lucasmz | In reply to @crispycat:calitabby.net
currently running opnsense on a little computer box connected to switches and wireless aps, addressing looks like this:
- wan: single ipv4 from isp
- servers: 10.8/16
- primary lan: 10.16/16
- guest lan: 10.24/16
- intranet: 10.32/16
- on-the-go vpn: 10.40/16
for the ipv6 all i want to do is have a wan address as well as a couple for the servers
It's nice you think of IP ranges as :/16 numbers etc already | 23:28:19 |
| crispycat [they]π΄ββ οΈ | In reply to @lucasmz:catgirl.cloud
It's nice you think of IP ranges as :/16 numbers etc already i've been into basic networking stuff for a few years now, started on pfsense | 23:28:52 |
| crispycat [they]π΄ββ οΈ | opnsense is really nice, besides the networking capabilities stuff like builtin dns tracker blocking | 23:29:15 |
| lucasmz | I don't know too much about networking unfortunately π | 23:29:44 |
| lucasmz | Never had the hardware to learn really | 23:29:56 |
| crispycat [they]π΄ββ οΈ | In reply to @lucasmz:catgirl.cloud
I don't know too much about networking unfortunately π π₯οΈ<--->π₯οΈ or something like that | 23:30:27 |
| lucasmz | In reply to @crispycat:calitabby.net
currently running opnsense on a little computer box connected to switches and wireless aps, addressing looks like this:
- wan: single ipv4 from isp
- servers: 10.8/16
- primary lan: 10.16/16
- guest lan: 10.24/16
- intranet: 10.32/16
- on-the-go vpn: 10.40/16
for the ipv6 all i want to do is have a wan address as well as a couple for the servers
You don't do anything too weird so that's nice, it should be pretty straight forward | 23:30:32 |
| lucasmz | Maybe the firewall would be a bit more complicated I'm not entirely sure as you isolate between networks but IG it's fine | 23:30:58 |
| lucasmz | You get a prefix (assuming you do get IPv6 already but don't enable it), probably a /48 or /56 that you can then subnet into different VLANs and stuff | 23:31:51 |
| lucasmz | Intranet probably doesn't need it but if the firewall is set up properly it doesn't hurt | 23:32:09 |
| crispycat [they]π΄ββ οΈ | In reply to @lucasmz:catgirl.cloud
You get a prefix (assuming you do get IPv6 already but don't enable it), probably a /48 or /56 that you can then subnet into different VLANs and stuff yeah i do get it, it's just disabled | 23:32:23 |
| crispycat [they]π΄ββ οΈ | my issue is since i have other people sharing the network with me having a single WAN address adds a small amount of privacy and i'd like to keep that | 23:33:12 |
| crispycat [they]π΄ββ οΈ | at the very least i'd need to set it up not to use the device's mac address as apparently can happen | 23:33:25 |
| lucasmz | In reply to @crispycat:calitabby.net
at the very least i'd need to set it up not to use the device's mac address as apparently can happen It will only happen with legacy devices | 23:33:43 |
| lucasmz | Like really old | 23:33:46 |
| lucasmz | Not really an issue | 23:33:48 |
| lucasmz | Or just dumb ig | 23:34:11 |
| crispycat [they]π΄ββ οΈ | most of my devices don't do any mac spoofing by default | 23:34:34 |
 ducklipsndeuces | π₯οΈπ§Άπ₯οΈ <== my previous employer's NOC. Lol. | 23:35:05 |
| lucasmz | In reply to @crispycat:calitabby.net
most of my devices don't do any mac spoofing by default They don't need to :) | 23:37:36 |
| crispycat [they]π΄ββ οΈ | i should be able to enable ipv6 on one of my vps with no further work (other than AAAA records) since it's just functioning as a webserver | 23:37:52 |
| lucasmz | In reply to @crispycat:calitabby.net
i should be able to enable ipv6 on one of my vps with no further work (other than AAAA records) since it's just functioning as a webserver Probably a good initial test | 23:48:12 |
| lucasmz | I have IPv6 if you need a tester ;P | 23:48:23 |
| 23 Mar 2025 |
 nickcalyx | https://www.youtube.com/watch?v=w57V7OxINS0 | 00:42:43 |
|  @prick123:matrix.org joined the room. | 01:54:30 |
| @prick123:matrix.org left the room. | 02:03:23 |
| ducklipsndeuces | Soooouuuulll Trraaaaaiiiinn | 02:04:47 |
