Re: Global networking change in our AWS accounts
On Wed, 17 Nov 2021 at 09:12, Noah Meyerhans <noahm@debian.org> wrote:
> However, based on the responses, it is evident that this change will
> cause sufficient problems for enough people that we should reconsider
> its timing. To be clear, there is absolutely no pressure from AWS or
> any other entity to reduce our IPv4 footprint. This change is desirable
> in that it simplifies how our instances connect to the internet, making
> it easier to reason about their exposure, etc, but if we need to
> continue to manage direct IPv4 connectivity, we can do that.
>
> Rather than postponing this change indefinitely, what about delaying it
> until June 2022 (chosen arbitrarily). This gives more time for people
> to come to terms with the changes and make plans to adjust accordingly.
I guess I should probably also chime in with my own reasons for using
IPv4 (for completeness in the thread, if nothing else).
My current setup is that I have a single instance (with a public IPv4
address) and I've got the security group locked down to only allow
access from the two specific locations I need to access it from. One
of these locations has IPv6, but the other does not, so if I no longer
had IPv4 access for that instance I'd have to figure out some kind of
proxying solution (for the limited SSH and HTTP access I use), and IMO
that's going to be a net negative to the security of that instance, so
I'd really appreciate having continued access to that single IPv4. 😬
♥,
- Tianon
4096R / B42F 6819 007F 00F8 8E36 4FD4 036A 9C25 BF35 7DD4
Reply to: