I really like the private networking offering. I was reading the blog posts going into the details, and I was intrigued by how Fly uses IPv6 addresses for metadata to break down region, network, instance.
From the breakdown of the address metadata, it sounds like all Fly VMs are in a shared ipv6 ULA space? I sort of expected there to be an overlay network, so each user lives in their own ULA. Isn’t it riskier to do this without an overlay since bugs in routing/firewall could leak guest packets? Maybe some BPF magic that helps here?
Seems like ipv6 enables you to do some cool routing/firewall tricks
Hope I’m not asking too much about the magic!