this post was submitted on 01 Dec 2025
57 points (98.3% liked)

Selfhosted

53304 readers
1206 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
57
Are there any VPNs that support dedicated IPv6 addresses? (ttrpg.network)
submitted 1 day ago by vextuu@ttrpg.network to c/selfhosted@lemmy.world
22 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] litchralee@sh.itjust.works 16 points 1 day ago* (last edited 1 day ago) (1 children)

You might also try asking on !ipv6@lemmy.world .

Be advised that even if a VPN offers IPv6, they may not necessarily offer it sensibly. For example, some might only give you a single address (aka a routed /128). That might work for basic web fetching but it's wholly inadequate if you wanted the VPN to also give addresses to any VMs, or if you want each outbound connection to use a unique IP. And that's a fair ask, because a normal v6 network can usually do that, even though a typical Legacy IP network can't.

Some VPNs will offer you a /64 subnet, but their software might not check if your SLAAC-assigned address is leaking your physical MAC address. Your OS should have privacy-extensions enabled to prevent this, but good VPN software should explicitly check for that. Not all software does.

[–] vividspecter@aussie.zone 4 points 15 hours ago (1 children)

Yeah, you're stuck with NAT66 with most commercial VPNs that support IPv6. If you've got ISP level ipv6 you can still allow inbound connections directly at least.

If you do go the NAT66 route, consider assigning a fake GUA from an unassigned prefix as if you use standard ULAs outbound connections will always prefer ipv4.

None of this is in the spirit of proper ipv6 but it "works".

[–] litchralee@sh.itjust.works 1 points 14 hours ago

I've seen the suggestion of buying a GUA subnet, purely to use as a routable-but-unique prefix that will never collide, and will always win over ULA or Legacy IP routes. When I last checked, it was something like €1 for a /48 off of someone's /32 prefix, complete with a letter of authorization and reverse IP delegation. So it could be routable, if one so chooses.