Asklemmy

Trash

A lot of networks were designed with ipv4 and NAT in mind. There really isn’t a cost benefit to migrate all your DHCP scopes, VLANs, Subnets, and firewall rules to IPv6 and then also migrate 1000’s of endpoints to it.

Much cheaper to just disable ipv6 entirely on the internal network (to prevent attacks using a rogue dhcpv6 server etc) and only use ipv6 on your WAN connections if you have to use it.

Another thing that makes no sense is if my ISP provided prefix changes -which it will- this affects the IP addressing on my local network. Ain't noboby got time for that if you're managing a company or having anything other than a flat home network with every device equal.

IPv6 is just people shouting NAT BAD, but frankly having separate address ranges inside and outside a house is a feature. A really really useful feature. Having every device have a public IP6 address I'd an anti-featute.

We mainly use ipv4, but recent laws that all public sector websites are to use IPv6, we have had to update our stack.

Now we can do IPv6 public endpoints with ipv4 backends.

As an email guy, I would love IPv6, but it just isn’t gonna happen (for me).

Widespread IPv6 adoption is right there with the year of the Linux desktop. It's a good idea, it's always Coming Soon™ and it's probably never going to actually happen. People are stubborn and thanks to things like NAT and CGNAT, the main reason to switch is gone. Sure, address exhaustion may still happen. And not having to fiddle with things like NAT (and fuck CGNAT) would be nice. But, until the cost of keeping IPv4 far outweighs the cost of everything running IPv6 (despite nearly everything doing it now), IPv4 will just keep shambling on, like a zombie in a bad horror flick.

I've used IPv6 at home for over 20 years now. Initially via tunnels by hurricane electric and sixxs. But, around 10 years ago, my ISP enabled IPv6 and I've had it running alongside IPv4 since then.

As soon as server providers offered IPv6 I've operated it (including DNS servers, serving the domains over IPv6).

I run 3 NTP servers (one is stratum 1) in ntppool.org, and all three are also on ipv6.

I don't know what's going on elsewhere in the world where they're apparently making it very hard to gain accesss to ipv6.

On my local network I want governance over my devices. I want specific firewall rules per device, so I can, for instance, block YouTube only on the kids devices. I want this to be centrally managed, so configured on my opnsense router. I want all devices to use IP6. Unfortunately none of this is possible.

To setup firewall rules I need DHCPv6, not SLAAC so my IPs on my local network that I manage are well known and fixed. Android devices don't support DHCPv6. And the designers of IP6 were daft enough to set the priority of IPv4 above that of their new protocol. So basically if you have any IPv4 addresses on a device, they'll be preferred by basically all operating systems - because that's what the spec says. So you can't run dual stack in a meaningful way.

TL;DR: IPv6 on a local network has not been thought through at all even though it's incredibly old, it's really immature.

IPv6 was "just around the corner" when I was studying 20+ years ago. I kept a tunnel up until the brokers shut down.

I've been hosting some big (partly proprietary) services for work, and we've been IPv6 compatible for a decade.

My ISP finally gave me native IPv6 earlier this year, which gave me the push to make sure my personal hosting does IPv6 as well. Seems like most big players services support it today. It's nice to not have the overhead that CGNAT brings.

IPv6 got a bit of a bad reputation when operating systems defaulted to 6to4 translation but never actually managed to work.

We are going full v6 with SIIT-DC (rfc7755) with our next hardware refresh. Our mother site doesn’t but we don’t care what they do as that’s not our problem

I want to love IPv6 but it's unfortunately still basically impossible to get good proper IPv6 in the first place.

At home I'm stuck with fairly broken 6rd that can't be hardware accelerated by my router and the MTU is like 1200 which is like 20% bandwidth overhead just for headers on the packets.

On the server side, OVH does have IPv6 but it's not routed, so the host have to pretend to have all the IPv6 addresses and the OVH routers will only accept like 8 of them in use before its NDP table is full, so assigning an IPv6 to every Docker container fails miserably.

IPv6's main problem is ISPs are so invested in NAT and IPv4 infrastructure they just won't support IPv6. Microsoft, Google and Apple need to team together and start requiring functional IPv6 to create user demand, because otherwise most users don't know about CGNAT and don't care. Everything needs to complain about bad IPv6 connectivity so users complain to ISPs and pressure them into fixing it.

IPv6 is now twice as old as IPv4 was when IPv6 was introduced. 20 years ago I worried about needing to support it. Now I don't even think about it at all.

In next 10-20 years everyone will use IPv6