And it always causes issues.

Anyway, I hope the main joke got spotted too.
Let’s Encrypt now does IP certs: https://letsencrypt.org/2026/01/15/6day-and-ip-general-availability

Certbot doesn’t seem to be up to the task yet, but lego works.

But I’ll probably change it to some image host later, because I have no idea what I am doing.

Why does it not work… It embeds when creating the post.

Seems fine too, it’s HTTPS after all, should work.

OK, seems that it’s just the default LemmyUI that doesn’t like it, which is strange for the number of pict-rs requests in access.log.
Also by the number of 429, 5r/s is probably too low. Was. Anyway…
OR, that’s why there is the burst option. Right.

  • Scoopta
    1 day ago

    It’s gotten better but I’m not v6 only, I just don’t have v4. I have NAT64 which basically uses your IPv6 as the private address in a traditional NAT setup, allowing you to continue to access the legacy internet without IPv4 inside your network. Catch is you can’t connect to IPv4 addresses because it relies on a DNS64 server to generate IPv6 AAAA records from the IPv4 address when a domain only returns IPv4 so only DNS based services work. Basically it lets you have all the benefits of a v6 only network with few of the drawbacks.

    • HandwavyHeisenberg@feddit.org
      5 hours ago

      Oh, that sounds interesting. I’d love to see a rundown of the setup. Where is nat64 running? On your gateway router? On a separate machine? What happens if it goes down?

      • Scoopta
        57 minutes ago

        Historically it used to be running on my local router/firewall and the pure v6 was just between my devices and that firewall. However my setup has changed considerably since then and nat64 has been moved to a VPS out of my normal network path because I got my own public v6 space. So my current setup is basically firewall -> VPN -> VPS with BGP for normal(v6) internet comms. That whole path is pure v6 and then in the same datacenter as that BGP VPS is my NAT64 VPS. Beautiful thing about NAT64 is you don’t actually need it local if you don’t want. There’s even a fully public service for free if you don’t want to set up your own and don’t mind the tradeoffs (bad latency, shared IPs, low bandwidth) https://nat64.net/.

        If it goes down for some reason I just lose access to websites that don’t normally have AAAA records, which sounds like a big loss but honestly I’ve been running NAT64 in some capacity since 2019 and so over time I have sort of blackballed services that don’t have v6 in favor of ones that do so very little of my normal online activity normally needs v4. I actually have packet counting on my firewall tracking the amount of data exchanged with various large services, Google, Cloudflare, etc, my NAT64 VPS is one of the things it tracks and compared to my total traffic the NAT64 traffic is a very small <10% of my normal internet usage at this point.

      • Scoopta
        7 hours ago

        I deliberately don’t want or use a clat, the goal is to avoid IPv4

        • the rizzler@lemmygrad.ml
          6 hours ago

          i see. does that meaningfully reduce the amount you use nat64? i ask because for me, most things go through dns anyway

          • Scoopta
            6 hours ago

            No not really, I just don’t like having the address on my interface, ironically it doesn’t break half the stuff that removing 127.0.0.1 does…but I do that too XD. Removing loopback isn’t actually THAT bad but I’ve found more stuff that struggles with that than with not having a clat