/plushcap/analysis/buildkite/session-ip-address-pinning-for-dual-stack-ipv6

Session IP address pinning for dual-stack IPv6

What's this blog post about?

Buildkite introduced session IP address pinning as an additional security measure to ensure authorized sessions can only originate from the IP address that initially created the session. However, challenges arise with dual-stack IPv6 connections due to the complexities of IPv6 addressing and frequent changes in IP addresses. To enhance user experience for these users, Buildkite is considering improvements such as pinning both an IPv4 and IPv6 address or pinning an IPv6 /64 subnet instead of a specific /128 address. These enhancements aim to provide a more seamless and secure experience for users with dual-stack IPv6 connections, addressing the challenges posed by the Happy Eyeballs algorithm and dynamic nature of IPv6 addressing.

Company
Buildkite

Date published
Oct. 12, 2023

Author(s)
Steve Hoeksema

Word count
1099

Language
English

Hacker News points
2


By Matt Makai. 2021-2024.