Related

Why does my IPv4 address work when added to my cloud firewall but my IPv6 address does not? Question Question
How configure docker with ipv6? Question Question

Question

Whitelist my home IPv6 network in Cloud Firewall?

Posted February 27, 2020 1.3k views
IPv6DigitalOcean Cloud Firewalls

Yesterday, I whitelisted my computer’s IPv6 address for SSH into my Droplets. Today, my computer has a different IPv6 address. The first 64 bits are the same (“network part”?) and the last 64 bits have changed (“host part”?).

I have two questions:

  1. Given my IP address or information available on my router, is it possible to tell the range of IP addresses any host on my home network might be assigned?
  2. Given that range, can I whitelist it in Cloud Firewall?

Thank you.

Add a comment
abackstrom
By:
abackstrom
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
MelodyM February 28, 2020

Hey there! You can restrict access by IP address, subnets, or CIDR ranges on your DigitalOcean Cloud Firewall.

Your IP range will vary as your ISP can often change your address. Sites like whatismyipaddress.com will often give you some details about your current network, but I wouldn’t recommend restricting SSH to a range of dynamic IP addresses.

Instead, it’s better practice to login in to your Droplet using SSH keys for a non-root user with sudo privileges, and have root login disabled. We have a guide which discusses this further here https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys-on-ubuntu-1804

https://www.digitalocean.com/community/tutorials/understanding-ip-addresses-subnets-and-cidr-notation-for-networking

Understanding IP Addresses, Subnets, and CIDR Notation for Networking
by Justin Ellingwood
IP addresses, networks, submasks, and CIDR notation can be difficult concepts to understand. In this guide, we will cover some of the basic ideas behind how these systems work together to allow computers to communicate over the internet.
Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help