• FrezikEnglish
    282 months ago

    That’s nothing that can’t be done with a good set of firewalls on IPv6.

    • socsaEnglish
      102 months ago

      The one thing you can’t do with IPv6 is yell the address across the room to the technician plugged into the switch trying to ping the node.

      • Pup BiruEnglish
        32 months ago

        no instead you yell the IP address and they spend 30min trying to debug why they can’t ping it or even get ICMP packets through and then you realise you yelled the private IP address and they were on the wrong side of the NAT

    • @IrateAnteater@sh.itjust.works
      32 months ago

      This is equipment that uses all statically addressed devices. And ignoring the fact that IPv6 is simply unsupported on most of them, there are duplicate machines that share programs. Regardless of IP version you need NAT anyway if you want to be able to reach each of the duplicates from the plant network.

      • Pup BiruEnglish
        22 months ago

        there are duplicate machines that share programs

        yes… that’s why every machine has its own IP address… so that they can both use the same port and you don’t have to connect to crazy bullshit like https://myhomerouter.example.com:8443/

    • @Hotzilla@sopuli.xyz
      12 months ago

      Good luck trying to find industrial stuff that supports IPv6, hell most of it is still serial.

      I have legit heard that serial is security mechanism because it cannot communicate long distance like ethernet.

      Of course you can do IPv6 magic that hides IPv6 from the end device, but nobody understands how that magic works.

      • Pup BiruEnglish
        42 months ago

        Of course you can do IPv6 magic that hides IPv6 from the end device, but nobody understands how that magic works.

        it’s not magic… it’s a firewall, and it works pretty much exactly the same as a NAT: a whitelist of IP and port combinations