Now currently I’m not in the workforce, but in the past from my work experience, apprenticeship and temp roles, I’ve always seen ipv4 and not ipv6!
Hell, my ISP seems to exclusively use ipv4 (unless behind nats they’re using ipv6)
Do you think a lot of people stick with the earlier iteration because they have been so familiar with it for a long time?
When you look at a ipv6, it looks menacing with a long string of letters and numbers compared to the more simpler often.
I am aware the IP bucket has gone dry and they gotta bring in a new IP cow with a even bigger bucket, but what do you think? Do you yourself or your firm use ipv4 or 6?
I have IPv6 at home, at work, on my phone, and my hotspot. I have them on my websites and servers. IPv6 is everywhere for me. I use it all the time. Most people do and don’t even realize it.
IPv4 still reigns supreme on a LAN, because you’re never going to run out of addresses, even if you’re running an enterprise company. IPv6 subnets are usually handed out to routers, so DHCPv6 can manage that address space and you don’t need to know anything unless you’re forwarding ports on IPv6.
For the Internet, just use hostnames. There’s literally zero reason to memorize a WAN address when it could be an A/AAAA record.
It fixes must about every gripe I have with IPv4. It closes the hidden security holes NAT introduces. It pretty much configures itself. It allows you to use multiple Xboxes or Playstations within the same network and play online without faffing about! You can also disable the firewall entirely and basically never get scanned because scanning 2^64 addresses to find one computer is infeasible for bots (though you shouldn’t).
The addresses are longer, that’s for sure. But you shouldn’t be remembering those anyway. That’s why DNS exists! If you don’t have a local DNS server for some reason, just use mDNS, every device supports it out of the box. yourcomputersname.local will work in place of an IP address in just about everything since Windows Vista.
IPv6 was severely underdeveloped when the Necromancy Address Translation kept IPv4 usable twenty years ago, but we’re beyond that now. We have been for a while, actually.
Unfortunately, a lot of network people are the type that learned how networks worked in school forty years ago and decided that this is the way things are and they should never change again. That’s how you get things like “TLS 1.3 pretends to be a TLS 1.2 session resumption or half the internet will break” and “only port 80 and 443 are usable on the internet”. They even brought DHCP back when IPv6 works perfectly fine without it! At least Google did the right thing and refused to play ball with that malarkey in Android.
The whole address reserve argument never helped much. Super expensive cloud providers are now charging extra for IPv4 addresses but if you’re using Amazon AWS you’re used to paying through the nose anyway. CGNAT is a much worse problem, with thousands or hundreds of thousands of people sharing the same IPv4 address and basically being forced to solve CAPTCHAs all day because one of their IP coinhabitors has a virus.
As the comments here show, plenty of people can’t be bothered. That’s fine, legacy websites and devices can just use IPv4, that’s the beauty of it.
CGNAT is a feature – organizations tracing an IP back to source have to play bingo with a host of households who may / may not have downloaded that 1 torrent.
If organisations track your IP back, they can get your ISP to give them your contact details. CGNAT doesn’t protect you from carriers and legal means.
Govt, sure. Law firms running sting operations sure as hell can’t
Depends on where you live, I suppose. Here they sure can.
People still use IPv4 because companies are slow to adopt new technologies. They see it as a huge money drain and if there is not a visible or tangible benefit to it then they won’t invest in it. IPv6 is definitely a growing technology, it’s just taking it’s sweet time. For reference, currently the IPv4 has just under a million routes in the global routing table while IPv6 has ~216K routes. About 5 years ago it was something like 100K for IPv6 and not much has changed for IPv4.
I personally do not like the addressing of IPv6. It’s not just the length, but now you have to use colons instead of period to separate the octets which leads to extra key strokes since I have to hold shift to type in a colon. It’s a minor thing, but when networking is your bread and butter it adds up.
There are also some other concerns with IPv6. Since IPv6 tries to simplify routing by doing things like getting rid of NATing it also opens us up to more remote attacks. It used to be harder to target a specific user or PC that’s behind a NATed IP but now everything is out in the open. I’m sure things will get better as more and more people use it and there will be changes made to the protocol however. It’s just the natural evolution of technology.
I am very surprised to hear your ISP is not using IPv6. Seems like they’re a little behind the times. Unless they just don’t offer it to residential customers, which is still a bit behind the times too I guess.
IPv6 has a policy of throwing more address space at stuff to make routing simpler, though.
IPv4 will individually route tiny slices of address space all over the world, IPv6 just assigns a massive chunk of space in the first place and calls it a day.
Iv6 doesn’t try to simplify routing and remove nat. that’s just how things work. Nat is a workaround for ipv4.
Ipv6 is around since 1998. that’s not slow to adopt, at that point it is just plain refusal from some because of the costs you mentionend
Ipv6 does simplify routing. It has less headers and therefore less overheard. IPv6 addressed the necessity of NAT by adding an obscene amount of possible IPs. Removing the necessity of NAT also simplifies routing as it’s less that the router has to do.
Ipv6 as a concept was drafted in the 90s. It didn’t start actually being seriously used until ~2006/7ish.
There are other benefits of NAT, besides address range. Putting devices behind a NAT is hugely beneficial for privacy and security.
NAT is not a security feature. Your firewall blocks incoming traffic, not NAT. It introduces new complexity that now needs to be solved.
In corpo environments you have to struggle with NAT traversal for VoIP communication.
In home networks “smart” devices attempt to solve it with shit like uPnP and suddenly you get bigger holes in your network security than before. You could find countless home network printers on shodan because of this. Even though (or maybe because) they were “behind” NAT.
IPv6 has temporary IPs for privacy reasons. NAT is NOT a firewall. Setting up a real firewall is more secure and gives you more control without things like UPNP and NAT-PMP.
IPv6 addressed the necessity of NAT by adding an obscene amount of possible IPs
that is correct but doesn’t change the fact that nat came afterwards as a workaround und now the ip stack goes back to it’s roots without a nat workaround.
It didn’t start actually being seriously used until ~2006/7ish.
true but still nowadays it isn’t even slow anymore just refusal
that is correct but doesn’t change the fact that nat came afterwards as a workaround und now the ip stack goes back to it’s roots without a nat workaround.
And the end result is a simplification for routing.
true but still nowadays it isn’t even slow anymore just refusal
That’s just the pace of large scale adoption of new technology. Look at some of the technologies the banking and financial industry uses as an example (ISO 8583 is a great example). ISP’s still support T1 circuits as well.
Repeat after me kids:
NAT 👏 is 👏 not 👏 a 👏 security 👏 feature
I try to force everything to use IPv6. It’s a huge pain to support IPv4 as a selfhoster. I never had to specify an IP manually, DNS exists for a reason.
a teammate implemented it because he thought it would be a good resume project. it added more maintenance work to a lot of pieces, forever. there is no measurable benefit to the business
I want to love IPv6 but it’s unfortunately still basically impossible to get good proper IPv6 in the first place.
At home I’m stuck with fairly broken 6rd that can’t be hardware accelerated by my router and the MTU is like 1200 which is like 20% bandwidth overhead just for headers on the packets.
On the server side, OVH does have IPv6 but it’s not routed, so the host have to pretend to have all the IPv6 addresses and the OVH routers will only accept like 8 of them in use before its NDP table is full, so assigning an IPv6 to every Docker container fails miserably.
IPv6’s main problem is ISPs are so invested in NAT and IPv4 infrastructure they just won’t support IPv6. Microsoft, Google and Apple need to team together and start requiring functional IPv6 to create user demand, because otherwise most users don’t know about CGNAT and don’t care. Everything needs to complain about bad IPv6 connectivity so users complain to ISPs and pressure them into fixing it.
We were offered a /3(?) for like 1000$/yr… sounds like a good deal tbh
IPv6 or IPv4?
A /3 of IPv4 for that price is impossible, that’d be 10% of the entire IPv4 space. A /29 (32-3) would be more reasonable but 1k for a block of 8 IPs would be a massive ripoff.
Doesn’t make sense for IPv6 either, as that’d be exactly the global unicast range (2::/3), but makes sense they’d give you like a huge block in there, maybe a /32 as that’s what they assign to an ISP. As an end user you usually get a /48.
Phone keyboard ate the 2… it’s a /32 block ipv6
In next 10-20 years everyone will use IPv6
IPv6 is now twice as old as IPv4 was when IPv6 was introduced. 20 years ago I worried about needing to support it. Now I don’t even think about it at all.
If you’ve never thought about it, there’s a good chance your actually using it. ISPs around the world have been turning on IPv6 for their customers. About half the internet is using IPv6 these days, so there’s a 50/50 chance you’re part of that.
I suspect my cellphone does, but not my work or home internet.
You can always check https://ifconfig.co if you want to be sure.
Widespread IPv6 adoption is right there with the year of the Linux desktop. It’s a good idea, it’s always Coming Soon™ and it’s probably never going to actually happen. People are stubborn and thanks to things like NAT and CGNAT, the main reason to switch is gone. Sure, address exhaustion may still happen. And not having to fiddle with things like NAT (and fuck CGNAT) would be nice. But, until the cost of keeping IPv4 far outweighs the cost of everything running IPv6 (despite nearly everything doing it now), IPv4 will just keep shambling on, like a zombie in a bad horror flick.
On my local network I want governance over my devices. I want specific firewall rules per device, so I can, for instance, block YouTube only on the kids devices. I want this to be centrally managed, so configured on my opnsense router. I want all devices to use IP6. Unfortunately none of this is possible.
To setup firewall rules I need DHCPv6, not SLAAC so my IPs on my local network that I manage are well known and fixed. Android devices don’t support DHCPv6. And the designers of IP6 were daft enough to set the priority of IPv4 above that of their new protocol. So basically if you have any IPv4 addresses on a device, they’ll be preferred by basically all operating systems - because that’s what the spec says. So you can’t run dual stack in a meaningful way.
TL;DR: IPv6 on a local network has not been thought through at all even though it’s incredibly old, it’s really immature.
I’ve used IPv6 at home for over 20 years now. Initially via tunnels by hurricane electric and sixxs. But, around 10 years ago, my ISP enabled IPv6 and I’ve had it running alongside IPv4 since then.
As soon as server providers offered IPv6 I’ve operated it (including DNS servers, serving the domains over IPv6).
I run 3 NTP servers (one is stratum 1) in ntppool.org, and all three are also on ipv6.
I don’t know what’s going on elsewhere in the world where they’re apparently making it very hard to gain accesss to ipv6.
IPv6 was “just around the corner” when I was studying 20+ years ago. I kept a tunnel up until the brokers shut down.
I’ve been hosting some big (partly proprietary) services for work, and we’ve been IPv6 compatible for a decade.
My ISP finally gave me native IPv6 earlier this year, which gave me the push to make sure my personal hosting does IPv6 as well. Seems like most big players services support it today. It’s nice to not have the overhead that CGNAT brings.
IPv6 got a bit of a bad reputation when operating systems defaulted to 6to4 translation but never actually managed to work.
You can pry my v4 addresses from my cold dead hands.
Yes, the dumb ones will stick to IPv4 as they are unable to learn and change.
Talk about dumb.
Are you going to assume the risk of this change, and pay the millions upon millions of dollars to make it happen, and for what benefit?
We have thousands of devices that simply don’t support it (because they were designed before IP6 existed. You going to pay to replace them, and the labor to replace them, and the reprogramming to replace them, and the RISK you create while doing this?
Dumb is right. Hubris is another word that comes to mind.
If your devices are that fragile, they shouldn’t be hooked up to the internet in the first place. What are you doing hooking NETBIOS token ring networks up to the web?
If you want to talk about risking breaking things, imagine the glorious lie that NAT introduced. Thanks to these old devices, your router at home/small business parses every FTP connection, every SIP message, every H.363 call, modifies its contents, and opens one or more ports in the firewall just to keep old stuff from breaking.
If your crap survived NAT, it’ll survive IPv6. And if it can’t use IPv6, that means you don’t need to worry about it and you can just keep using IPv4 on these things like you always have!
IPv6 is 26 years old. If you are still running devices that are connected to the internet and are older than that then you have a problem.
Bit rude, Whilst I understand tech changes and evolves, some are literally the Just Works meme and don’t need to be rapidly changed.
"Rapidly“. IPv6 is 26 years old. And we are literally running out of IPv4 addresses.
Mostly I’m scared I’ll write a firewall rule incorrectly and suddenly expose a bunch of internal infrastructure I thought wasn’t exposed.