Some time last year, a weird thing happened in the hackerspace where this is being written. The Internet was up, and was blisteringly fast as always, but only a few websites worked. What was up? Fortunately with more than one high-end networking specialist on hand it was quickly established that we had a problem with our gateway’s handling of IPv4 addresses, and normal service was restored. But what happens if you’re not a hackerspace with access to the dodgy piece of infrastructure and you’re left with only IPv6? [James McMurray] had this happen, and has written up how he fixed it.
His answer came in using a Wireguard tunnel to his VPS, and NAT mapping the IPv4 space into a section of IPv6 space. The write-up goes into extensive detail on the process should you need to follow his example, but for us there’s perhaps more interest in why here in 2025, the loss of IPv4 is still something that comes with the loss of half the Internet. As of this writing, that even includes Hackaday itself. If we had the magic means to talk to ourselves from a couple of decades ago our younger selves would probably be shocked by this.
Perhaps the answer lies in the inescapable conclusion that IPv6 answers an address space problem of concern to many in technical spaces, it neither solves anything of concern to most internet users, nor is worth the switch for so much infrastructure when mitigations such as NAT make the IPv4 address space problem less of a problem. Will we ever entirely lose IP4? We’d appreciate your views in the comments. For readers anxious for more it’s something we looked at last year.
IPv4 would be six feet under were it not for cheap ISPs who refuse to update their infrastructure to support IPv6. But sure, they’ll buy thousands of CGNAT bandaid equipment to get more mileage out of their existing IPv4 equipment.
Gone are the days when you paid for an internet connection, you got an actual static IP (or at the very least a public facing one) which you could use with DMZ or UPnP or port forwarding to access your home server, or host a website at home, or host an online game.
Anyway, if you just want to access your devices across networks and don’t care about public access, you should look into zerotier. Its an amazing free service to make VLANs (they use a mix of UDP hole punching + relays when that’s not possible), they probably read all your packets but at least you get to access your devices across the world…which was also possible 10 years ago before CGNATs and double NATs came…
it’s mind blowing how the ipv4 apologists keep defending ISPs that don’t want to invest time to solve it. my first ipv6 experiments I did almost 25 years ago. there has been plenty of time to adapt.
and the public is just as stupid. even in technical forums you get IMBECILES saying they don’t want their devices “directly reachable from the internet and NAT is good because it prevents this”. no you stupid ignoramus, you can still use a stateful firewall and allow all outgoing connections and their responses, just like you do with NAT. but ALSO, if you want to expose a particular host, you can
Hellooo! Hi there! 👋😃
I just want to say that IPv4 and NAT are great, they’re so easy to handle.
Especially at home in an SMB1/CIFS network with other WORKGROUP computers; Windows 98/Me, XP, DOS, WfW and OS 9 Macs.
When I talked to other IT people about IPv6, they often recommended to disable it.
When I asked about the upcoming shortage of IPv4 addresses they said “let’s keep NATting!”
I guess it’s safer, too, because there are no shadow networks then.
An unmaged IPv6 stack is a security risk in an normal intranet (with internet gateway).
Setting up all those filter rules for IPv6 is such a burden and IPv6 as no gain in an intranet.
Then there’s the additional need to maintain/watch the IPv6 settings..
In China it’s different, though. They basically started big with IPv6, if memory serves.
So IPv6 is great tech for the commies (hah, pun intended; because of comm-unications and the other word).
https://en.wikipedia.org/wiki/China_Next_Generation_Internet
Without IPV6, all the malware on your IoT devices can’t call home or function properly to ensure that YOU the product are being good income generators for big business and scammers.
IPV4 requires human intervention to configure networks. IPV6 automates the networking process because some anonymous body knows better and should have absolute control over your data.
Solve what?
I’m being facetious and understand the problem IPv6 solves, but only to point out that in most cases people don’t care.
When people who are happy with IPv4 say so, it’s heard as “I bolted these wheels on my horse so I can use the road just fine!”. For many people NAT is a feature, not just a workaround. I love that I’m not routable directly.
I’ll go further; IPv4 will not be going away for the foreseeable future, and this is because the value proposition is negligible for most people.
I’m not a technology or networking noob and I totally get what IPv6 tries to achieve. However after multiple attempts to make use of it and do the switch, I always stopped and stayed with IPv4. IPv6 is just too cumbersome and complex. Having both in parallel actually makes it worse. Therefore all IPv6 traffic is blocked at my firewall. My home net is strictly IPv4, IPv6 is disabled wherever possible and the access I need from the outside also uses IPv4.
By now I intend to keep it like that for as long as it’s possible.
Yes. Sure. Question is, is everyone just stupid because they are not adapting or maybe just maybe is there a problem with the solution people are supposed to adapt to? I’m sure that adaption would have been much faster if IPv6 was designed with the humans in mind that are supposed to set it up and use it.
“you get IMBECILES saying they don’t want their devices “directly reachable from the internet and NAT is good because it prevents this”. no you stupid ignoramus, you can still use a stateful firewall”
I used to work support at a major ISP. Pissed off customers blaming us when the problem was THEIR firewall that THEY installed was practically every other call. I’ve neve seen a firewall that doesn’t eventually shit itself and just block all the internet.
I have a deep mistrust of firewalls that was created and reinforced by many years of bad experiences.
Port forwarding.. except for one really crappy router that AT&T forced us to use… (so I dropped AT&T) it is easy to set then it just works.
Firewall rules… not so much.
If and when my ISP ever gives us IPV6 I will probably break down and give it a try. I even considered configuring my router to connect to the Hurricane Electric free IPV6 tunnel at one point. Till I learned that all the streaming media providers blocked it so as to keep people from using it to get around area restrictions.
But relying on a firewall for security… that is one HUGE anti-feature in my opinion.
It’s not just ISPs, it’s that many routers and even older versions of Windows don’t support IPv6 very well. They implement the core, but you need more than that to have a usable network.
For example, say you plug a new device into your network and want to configure it. There is no DHCP by default for v6, it’s an optional extension that your router probably doesn’t support. You can use the neighbour protocol to find it, but that just gives you a list of IP addresses and no clue as to which one is your device. There is DNS-SD, Bonjour, and a load of other service discovery mechanisms. My new printer supports about 8 of them, because no OS has all of them and most routers don’t support any of them. Windows has a limitation on using broadcast pings for this too, to prevent DDOS attacks presumably.
Because it’s such a mess and so inconsistent, many people keep using IPv4, especially locally. Their internet connection might support V6, but there isn’t any benefit to them at home or at work where they aren’t running out of addresses. I mean theoretically there are benefits, but in practice…
IFAIK, there isn’t any broadcasting ping for IPV6. There’s only multicast in IPV6 and that’s good, because you don’t want to flood the internet with your ping probes.
IPv6 currently suffers from its proponents not yet accepting the “your baby’s ugly” feedback.
IPv4 is easier for humans to remember and interact with. Binary vs. Hex, 4-8 bit sections vs. 8-16 bit sections, subnet notation vs. the weird ‘double colon to collapse internal zeroes’.
Troubleshooting network issues over the phone for my family’s home networks is already bad enough, and there’s enough ‘value add’ with commercial/residential routers/firewalls that I appreciate consumers not wanting to use their ISP’s (cheapest possible) provided equipment.
Yeah, although I’m no expert, it seems obvious the proponents of IPv6 have whiffed it. Either they’ve failed to communicate their argument (for decades), or the actual benefits simply aren’t there for all the stakeholders involved.
Or at least, the grand plan has been outpaced by ad-hoc solutions. While IPv6 was tying its shoes, most of the internet moved to a de facto layer on top of DNS+HTTP, where hundreds of servers can share an IP address as far as most client-server applications are concerned. And of course peer-to-peer applications are built around NAT. Which is complicated and sensitive to network configuration, yes, but that’s a tough argument to pull off if your counter-offer is moving billions of devices onto IPv6.
Like, sure, Betamax is technically better. Sometimes the world just wants more porn.
“Like, sure, Betamax is technically better. Sometimes the world just wants more porn.”
Here in Europe, during video tape war, there also had been Video 2000, as well. Just saying.
I feel the communication was clearly there. The reasoning for the switch is obvious. However the solution is just overly complex and massively unfriendly to human users. Add to that the sad state of implementation and you have yourself a failed product.
In the last 20 years I have worked with all sorts of large international companies. They are all still doing IPv4 internally. Only external services are also published on IPv6. When even such companies feel that the switch to IPv6 is more hassle than dealing with the limitations of IPv4, no wonder adoption is slow.
Maybe it’s time to ditch it and start from scratch with something that makes more sense and actually takes the people into consideration that are using it.
Europe here. My provider still gives out actual static IPv4 addresses. Great to VPN home.
I use tailscale since I found they’re hiding me behind CGNAT.
OFDMA for 5G phones is basically NATing RF to death and then some but no one is complaining they want a frequency for themselves; besides if you want a static IP you still can purchase one and be done with it. After growing available ipv4 adresses at least by 2⁸ ipv6 is looking right now like a solution waiting for a problem.
Yeah, I get an IPv4, and an IPv6 for my EMTA from my Major US ISP and a static IP, to boot – and I didn’t even ask for it.
I’ve got a pretty much static IPv4. Not strictly static, but it changes maybe monthly or less, nothing a cron script can’t check and update DNS for. It’s pretty much normal for broadband in the UK.
I’d flick it on if my ISP had native dual stack and not DSlite. To me this is another headache as the article describes. As for now some customers are on lite and some are native. It’s a matter of cost as 2nd level support told me, and they don’t like ticking the box to give you native, unless you kvetch hard enough.
My speculative assumption is people associate these stories with problems affecting them, so yeah, we all can relate why we will sit on the green patches of IPv4 land until the lights go off. I have no issues with it on my phone, there IPv4 and IPv6 just work good, but it’s the largest most experienced telco of the country.
Same here. I would really like to adopt IPv6 to be a good example, but my ISP makes this impossible.
I only have the options of DSLite (one /64 via DHCP) and IPv4 with (slow changing) dynamic IPs.
So great, with the one /64 I get, I can’t even do a proper setup with pfSense since the ISP does not offer to give me at least a /56.
ISP at work still doesn’t support ANY ipv6.
I must confess something potentially embarrassing… I never quite “got” into IPv6. No idea how exactly the addressing works, how to set things up, what’s in it for me. All seems just more headache-y than good old IPv4. Why make addresses so long I can’t memorize them? So I never actively touch IPv6. Yeah, I probably use it without realizing. Maybe it “just works” for me. Sorta understand how to configure IPv4 networks and been doing that ever since for my local networks. Never saw any reason to “upgrade”.
This indeed, I’ve been in IT professionally for over 20 years (mainly as a programmer), but I’ve never dived into configuring IPv6… home or work. At work there were people who did know what to do if it was needed and at home it wasn’t even offered by providers. Now they do, but I have no clue where to start.
I don’t know if it is more difficult to learn or if it is years of kinda understanding how IPv4 works that just get in the way :)
I have dived into this topic as an IT pro and even gave presentations on it to educate others on the myths and truths of v6 vs v4. There’s a lot to it for a single post but I’ll try to briefly address as best I can here some keys including some of the other discussion points that I have seen here.
First, v6 is used all over the place and often transparently to end users. V6 has fixed length packet header whereas v4 headers are variable length. Fixed length headers have the property of being much easier to implement directly in hardware. So if everything switched to pure v6 overnight, router cpu usage all over would drop out the floor relative to equivalent v4 traffic levels. I highly suspect this lower power profile is why Starlink is v6 only. The satellite power:performance:bandwidth ratio is better and more predictable. I suspect v4 would be infeasible even, meaning that v6 has enabled this new technology system at the affordability level it has in which I could easily choose that as a reasonable internet option today at home or traveling.
Regarding security, the fixed length v6 headers include support for IPsec standard even if not used. With v4 nat, IPsec cannot work in direct transport mode so v6 still includes the promise of better security in the network layer without overlaying v4/v6 tunnels to accommodate nat.
Regarding not wanting a host to be directly routable with v6 for the security value, that value comes primarily from the firewall function of the nat+fw device not the nat function. The firewall functions can work just as well in v6 router+firewall scenarios to keep a network secure (not speaking to individual implementations which probably vary widely in quality).
Regarding broadcasting to other devices on a lan, v6’s neighbor discovery component allows discovery of devices on the same lan but devices may respond or not depending on their own configuration (similar to v4). Related – v4 relies on ARP to resolve to Ethernet layer (MAC) addresses. V6 instead uses link-local addresses (not routable on internet) that end with MAC address of the Ethernet adapter making arp unnecessary.
Bottom line to me is that we’re getting what we need from it: new technologies and new address space.
Hopefully this was informative.
What about NATs ability to hide device count and internal structure?
Security by obscurity is no security at all.
You also have to remember, things like trying find find every device on a single /56 or /48 IPv6 network is time prohibitive, it takes alot more time to scan through the IPv6 address space then the measly 0 to 255 of a typical home network. A /56 address space would be the equivalent of a /8 ipv4. And that’s after they make it past your firewall, since devices behind a proper firewall shouldn’t be responding to external connections anyways.
If you are worried about them tracking by recording outgoing connections by prefix, well, hardware and browser fingerprinting already provide individual machine identification.
Correction, a single /56 block contains about 4 sextillion addresses, no one is scanning the whole block in a few lifetimes of the universe
As a network engineer who uses Starlink prolifically, I had 32 terminals at one point… Starlink is in no way IPV6 only, their IPV4 DHCP lease time is just near uselessly short, short enough it will crash some connected hardware… … looking at you PFsense firewall…
“we don’t have a problem” so much as the industry does. Both my current and previous ISPs don’t support ipv6. So for me thats done right there. If ISPs supported it and sent out devices using it very few would change away as long as it worked. But they don’t, and as mentioned in the article it fixes no customer facing issues so they dont either.
My ISP does not give me IPv6 access. test-ipv6.com tells me “You will not be able to reach IPv6-only sites.” I found on Reddit comments by other customers of the same ISP. One comment claimed I could get IPv6 if I would be willing to pay more each month.
Long ago I blocked a site – but then my system went to it anyway, turned out it auto-routed to the IP6 version… that’s just great isn’t it..
Personally I think for the majority it’s a “if it ain’t broke” situation. Ireland recently said no to digital radio because it wasn’t adopted widely enough, and that in turn was because it didn’t make financial sense for a lot of people who actually listen to radio, especially in rural areas where suppliers would be required to invest without any real benefit.
Education is key in adoption of all change, forced or otherwise. There’s always a resistance to change psychologically with humans (it prevents us from turning into proverbial lemmings), but getting the majority to change requires education and a little persuasion, which there isn’t with ipv6. Just on the basics alone ipv4 is easier to understand and implement, I can write down subnets and remember IP addresses more easily and if DNS ever drops I can still recall them all because it’s been habit for years. If ipv6 was the primary I would adapt but I can’t say that for everyone.
Anyway, last year Microsoft had a CVE in ipv6 implementations, what was the recommended work around from Microsoft? Disable ipv6. Having a redundant but ubiquitous functional technology doesn’t help adoption of new tech (not that it’s new). Personally when the opposite is the case that ipv4 requires disabling is when you’ll see people with the money to assert and push change actually assess the risk vs reward and make the decision to change.
Digital radio is a whole another beef for me. It always felt like they just wanted to save costs by user smaller field strengths whilst in mere theory have the same range. The results are, if you enter a tunnel or spot with less good reception you lose some dynamic range in FM but still can listen very well to speech. With DAB/DAB+, etc. you get wonderful block artifacts that jam your brain into being unable to comprehend the scraps of conversation. It’s a huge cognitive load whilst driving to make out anything that may contain useful information such as road blocks. [Luckily there show up in navigation software either via Traffic Message Channel (TMC) or in an LTE connected GPS app like maps.]
Digital radio in music and news broadcasting has been a grave mistake. In ham radio digi modes are alright and very useful, but still rubbing many people wrong for entirely different reasons. But I feel like preaching the choir and most people probably know this. Still down with DAB+, give me FM back.
Given that ipv6 came out when floppy disks and vhs tape were leading edge technology and still isn’t close to being fully implemented its about time that people admitted it’s a great big steaming pile and they made a total mess of it and gave up. Roll on ipv7, lets hope they get this one right.
Wait a sec, the 90s were all about CD-ROM technology and flash storage.
Kodak PhotoCD, Video CD, CD-i, CD Video and Compact Flash, PCMCIA memory cards etc.
As well as non-standard things such as QuickTime movie CDs and Movie CD format (Win 3.1 PCs).
VHS just was most mainstream. Film fans had their Laserdisc collection (like vinyl collection), some geeks experimented with VCD playback.
Floppies were in heavy use in the 90s from my experience. They were used like flash drives until files got too big and CD-RW cheap enough for more people to use them (late 90s early 00s). Then flash drives came and quickly took over because they were drag and drop like floppies but way better every other way (early 00s).
IPv6 vs IPv4 is like ASCII vs Unicode (and CGNAT is like codepages, trying to fix it).
In that way, I see a lot (most?) orgs and people defending IPv4 to be US-centric and nearsighted.
I am in Europe in one of those countries with letters outside ASCII and have been working for a few US orgs, one which had their own square on xkcd.com/195/ . “But IPv6 is dangerous!”
Get with the times and the world.
IPv4 has problems. So does IPv6.
We know how to deal with many of the v4 problems.
As an admin, every new device I add requires more maintenance time.
I DON’T WANT every device to have a unique and publicly addressable address.
That is a nightmare scenario.
I know I could probably manage it even if I don’t want to.
But is Joe/Jane Doe expected to become a network admin to manage every lightbulb, toaster, or tv that wants to be a public endpoint?
I turn off IPv6 whenever I can, because it is hard enough to block all the insane telemetry without devices being able to ignore DNS.
And manufacturers are getting sneakier about it too.
Having new telemetry added to a 1 year old TV with an update? FU.
Your TV shouldn’t be allowed to do ACR and then call home to report on your activity to begin with, but adding it AFTER purchase/review/configuration is villainous.
I really don’t think there’s ever going to be a scenario where IPv4 totally dies. Just doesn’t make a lot of sense, especially in places like Home LANs or even corporate.
IPv6 solves the major issue that needs to be solved – Internet addressing and mobile devices acting as their own routers/modems, but honestly I agree with one of the above posters –
IPv6 Proponents cant get over that people are calling out that IPv6 is an ugly baby – It works well, yes, but its not that great for non-technical people to use or implement, and maintaining backwards compatibility in network stacks with both IPv4 and IPv6 makes sense, especially local network wise.
IPv6 failed at the moment of creation, when instead of just adding bits to addresses, they think out severe idiocy with very speciial routing and other fundamental things.
Many think that IPv6 is kind of continuation of IPv4, but it’s a mistake. It is completely different protocol, which is different from IPv4 as much as, say, IPX if any remember that thing. So, making a hardware switch or router fabric with IPv6 support is not just adding some bits to net address registers in existing IPv4 design, but basically creating whole more complex thing from the ground. And it could not be used for IPv4, so you need 2 completely different and separate units for IPv4 and IPv6 in your design Complexity also add errors and bugs. Hardware that fully support IPv6 without bugs does not exist.
I think there eventually will be created some IPv? protocol, that will be a true, evolution of IPv4 with backward compatibility, that will make IPv6 obsolete, and we will forget about that IPv6 blunder, like we already forgot about IPX.
IPv4 is as simple as possible, and KISS things always outlive something more complex in maintaining. So, it will be perfectly fine, even when IPv? will be rolled out.
I also vote for an IPV4-Plus, where they simply add two extra bytes in front of it, and keep the rest of the idea’s/mechanisms the same ;-) And simply set the two extra bytes to zero to reach the old ipv4 space.
IPv4 header have optional IP Option field that could hold up to 38 bytes of data (40 bytes, minus 1 type byte and 1 length byte). This field is used f.e. when you do “ping -R hostname” to store IP addresses packet passed through with Record Route option set. Same place could be easily used to store “plus” part of enhanced IP address. All known hardware honor IP Option field, so there will be no any problems with running this “IPv4-Plus” over current network. That way you could with minimum changes to working network solve all that not yet really disturbing problems with “IPv4 address space limit”. Even just adding one byte to addresses will make address space 256 times larger. Only endpoints of current network will have deal with that additional address part.
Very simple solution with total backward comatibility with IPv4, will be much better than that IPv6 mess nobody actually need.
The problem is that doesn’t work, because the IPv4 only device you’re reaching doesn’t understand and can’t cope with talking back to your device in the extended address space. In that sense two extra bytes or the quadrupling of the address space in IPv6 makes no difference, but at least the latter provides so much headroom we should never have to go through same problem again.
The reality is the world will carry on with an increasingly broken IPv4 Internet until the pain caused by lack of end-to-end connectivity to things hidden behind ever more NAT finally overcomes resistance to change and business are persuaded that the investment is more cost effective over dealing with the problems, constraints and security implications. Examples include things such as heavily overloaded public IP addresses and address space clashes resulting from mergers, acquisitions and use of third party hosted services. Parts of the Internet will eventually become IPv6 only, probably initially for local services in countries/regions with high adoption. At that point I think we will see a fairly rapid tipping point from ‘unnecessary distraction’ to ‘we have to do this’ which could be quite lucrative for those with the right skills and expensive for the hold-outs.
That is unless it takes so long that IP generally has been usurped by something better.
You didn’t get a point at all. IPv4 device don’t have to deal with extended part of address at all. Extended part of address is for local router to send IPv4+ packet to specific device in network behind, not for endpoint device itself. Device will deal with packet just like with regular IPv4 one. Extended part of source and destination addresses is not his business at all, but will allow arriving of packets to specified destinations.
In reality, there is no any problems with IPv4 address space. This narrative about “IPv4 addresses shortage” is decade old and stays the same nothingburger today. There is absolutely no any need for end-to-end connectivity for tosters and dishwashers too. All that narratives comes from same group of ill-organised businesses who are trying to make a profitable commodity from customers. Interesting, that same groups own large blocks of IPv4 addresses that is not used at all and constantly trying to acquire more. Say, Google absolutely does not need all their 20M IPv4 adresses. In 2015 Google had just around 200k and nothing changed much in terms of Google services since then. 20M IPv4 addresses is enough to provide white IPv4 address to each household in a country with 50-100M citizens. Other corporations also stock IPv4 addresses as a financial asset in even larger amounts.
There is more than enough IPv4 addresses for 10-20 billions of Earth population. Just don’t allow corporations to grab them in vast amounts and that’s all.
This IPv4 “problem” is not even on technical plane. It is just artificial creation of deficit by malicious actors to rise the prices and monopolyse commodity market.
My reply was to in response to @atkaper rather than yourself so I’m not missing any point that you made.
However no-one in a position to truly influence future network standards is likely to advocate for any sort of IPv4+ standard workaround, when we already have a solution that provides much expanded address pool in the form of IPv6 that doesn’t require such hacks. The choice is there to use it or not.
In any case if there isn’t a problem as you go on to suggest, why would we even need it? I’ll have a static routable IPv4 for my home network at no additional charge because they should be able to get plenty at minimal to no cost and I’ll no longer need to route VPN traffic (which isn’t for a toaster or dishwasher btw) via a cloud relay.
@Mark, good point indeed, the route back from old devices would require some nasty trickery (or split network with some sort of 4+ to 4 NAT). Oh well, ipv6 it is then… (at some point in time) ;-)
Many moons ago, (probably over 15 years ago) I moved to a new house, got a new ISP. The coax router used IPv6. This resulted in a big problem. Every local device received it’s own IPv6 address. So if I wanted to download a file from my home server, it would go over the internet to my desktop. So instead of going directly from one computer to the other over gigabit, I was limited by the 30mbit upload of my coax network. An even bigger problem was that every computer was directly connected to the internet. No need for port forwarding for devices I didn’t even want reachable on the internet. Every port was directly accessible by anyone who wanted to reach those ports.
This isn’t a small ISP, talking 7 million customers back then. I was able to convince them to reset me to IPv4.
I know this was a bad configuration by the ISP but I’ve always been wary of IPv6 because of it.
So… you are afraid of IPv6 because you are mixing a NAT with a firewall? The NAT done at the ISP’s place is a (poor man) firewall. When you were connected to IPv6 you only needed a firewall/router. You could have set the routing tables so your internal network would be routed directly and prevented outside connection. Now, with your IPv4 NAT setup, it’s a nightmare to add a service on your internal network so it can be reachable from outside. This leads to the “cloud” idiocy we see today where few companies collects all the information for millions of dumb users because, “sharing a file is difficult”.
While technically true, do you really think, it’s a good idea for every home network device to be on the internet? Do you really think, the vast majority of people out there would be able to secure their IPv6 networks?
Sure, it’s a (poor man’s) firewall. But at least it is one even though it’s not “proper”.
Right… Just thinking about trying to explain this to my mom stresses me out.
I consider this to be a good thing for the vast majority of people out there. It’s easy enough to overcome for people who know what they are doing and it’s difficult enough that most people don’t accidentally do it. Unless of course, a half baked IPv6 implementation comes along and automatically does it without anyone realizing.
hackaday would be silent, nothing else
… plus all the rest of WordPress. And Github. Oh and Docker, by default, doesn’t do IPv6.
I really do want to like ‘IPv6’ … but I just don’t need it. ‘IPV4’ is so convenient and easy to remember and use. My internal home network is a class ‘B’ supporting 65534 possible addresses. Don’t think I’ll be running out of IPs anytime soon as currently not even using enough to fill up a class C network. And on the Internet side, I just don’t care as the router assigns the needed IPs and it works. So what is there to ‘push’ me to use IPv6 other than curiousity???
Once your ISP switches you to CGNAT because they ran out of IPv4 addresses, IPv6 will be the only way to access your devices remotely without relying on a VPN or some sort of tunnel.
And an outbound tunnel at that which means in most cases you’ll need some sort of cloud service such as Cloudconnexa, Tailscale, Zerotier or your own Virtual Private Server acting as intermediary in order to connect between two endpoints where the destination is behind CGNAT and IPv6 isn’t supported at both ends.
IPv6 is a security nightmare, every iot open to the cloud?
Why are people opening all these devices to the cloud?
Just have two network interfaces… Like I do. One for home automation, one for internet facing.
By default, the firewall will block any inbound access to all devices on the network. Assuming your ISP gives you at least a /56 like they are supposed to, you will have 256 subnets available. Put your IOT devices on one of them and use the firewall to restrict the internet access to only what those devices require to function.
haha a lot of strong opinions here. i think the point of the exercise is that it’s only alright if everyone else loses ipv4 at the same time.
i’m pretty comfortable with the odds that i’ll be able to use ipv4 as long as anyone else will be able to. and honestly it doesn’t bother me that ipv4 could disappear, so long as it disappears for everyone else too. i imagine i’ll spend a day or two, maybe a week, reconfiguring things, or deciding how much i have to reconfigure. do i keep my vpn with ipv4 addresses, or switch it over? that sort of question. the unfamiliarity is what irks me, and that’s just a cost to pay when i’m forced.
i do like having memorable numbers but on the wild internet the only number i memorized was valid from like 2003 to 2022, and now it isn’t valid anymore and i haven’t memorized its replacement. the new address has a 255 in it, which makes me uncomfortable and is definitely a symptom of ipv4’s limitations.
and anecdotally, for decades i used an isp that was dragging its heels on ipv6 and now for about 3 years i’ve used an isp that provides ipv6 and i’m the one dragging my heels. i still disable it every chance i get because my gateway / firewall / nat isn’t set up for it.
Gah! I had this too! Bleeding NowTV/Sky ADSL modem only doing IPv6.
Unfortunately I had no extra VPN gubbins I could use (all my VPN goes over IPv4)
THis situation lasted for about a week, with me giving Now updates on my findings.
And then it suddenly fixed itself – they probably found their snafu.
The main issue with ipv6 is the lack of easy to understand knowledge. Do remember how it was many years ago when even simplest ipv4 stuff was considered black magic. Most people had no idea how to do it. That’s why there were so many “dump” routers that had so mane holes and bad configs. With ipv6 it’s quite harder to get it right: it requires different approach, there aren’t too many good tutorials, it’s unfinished or not implemented properly on different levels, which makes it even harder to configure. That’s the reason that there’s no full adoption – no one wants to deal with that when they have many other pressing matters to work on. And regular people won’t touch this in million years when by default their devices will get direct access to the net, when they have no idea how to block this properly.
I, myself, tried few times to approach this topic but each time I started to go through some docs, tutorials and such, I was reminded that the day has 24h and I have to work and sleep sometimes. ;)
I understand that at the time ipv4 was made they had to do as much optimization as possible for the protocol, limiting it to 255.255.255.255, but with the computational power nowadays, why dont they just add more bits to it, increasing it to 999.999.999.999? Its not a permanent fix, but it still allows you to have memorable addresses, while now having 1 trillion addresses to work with. And if you still have 1 address per house for instance, which is how it works nowadays, its should be extremely long before it runs out again, even including all the data centres having each server have 1 address
That is because 255 is simply a decimal representation of the 8 bits used as part of the address. IPv4 uses 32 bits for the address, divided into four 8 bit segments(4 0-255 decimals) to make it easier to read and remember. This gives about 4 billion possible addresses. To go to 999 would require 10 bits, or 0-1023. So the address space needed would go from 32 bits to 40bits( about 1 trillion addresses) which is not supported by IPv4. IPv6 gives a total of 128 bits for the address space for comparison, which is somewhere around 340 undecilion (340 * 10^36) addresses.
Ipv6 is ugly.
This is the first thing I disabled after installing a new linux host…
I hope being retired before ipv4 ends.
I am a Linux user in Australia. We are still being advised not to enable IPv6 in our computers. Businesses that have IPv6 addresses have IPv4 addresses as well.
Maybe giving EVERY device a unique address isn’t a good idea?
Why should my TV have a unique address?
Why should my TV get to hardcode a totally safe static IP that can bypass the DNS process so it can smuggle out all it’s ACR data?
“But with IPv6 I can access the web interface on my toaster from anywhere in the internet!”
Who gives a F.
Sometimes lacking something is A FEATURE not a problem.
My ISP supports IPv6, so I’ve enabled it on my home network and now I can,
um,
well, it’s exactly the same as before, except I now have a whole second network stack to debug when something goes wrong.
As far as I can see, the only advantage for me is that I could have multiple external addresses for different devices, but at most I’d only ever need one externally accessible device, and I don’t currently even have a need for that.
From a technical point of view it’s all very nice, but the vast majority of people have zero use for any of the advantages of IPv6.
the thing is, there’s more people than ipv4 addresses so there’s a group of people — probably a majority — who can’t use ipv4 directly
IPv4 was designed largely by computer engineers. IPv6 had huge gobs of input from traditional telephone-system engineers (and their associated circuit-billing departments).
Remember the bonkers IPv6 “site-local address-scope” feature that was reluctantly deprecated in 2003 when (after being told repeatedly for years that it was basically unusable), the telephony orgs reluctantly backed down over that part?
Although there are a lot of technical issues, there’s a non-technical difference between IPV4 and IPV6 that might explain a lot about the history and state of the Internet today. That issue is the mechanisms for administration and making decisions. In other words, “Who’s in charge of the Internet?’ Who makes the decisions? How do they enforce them?
TCP evolved from “TCP V2” to TCPIPV4 45 years ago, around 1980. I was pretty heavily involved in that transition and the design choices of V4. But there were other people doing other, non-technical, stuff. Their efforts orchestrated the introduction of V4, and the removal of V2, from The Internet of that era.
At the time, pretty much all the research work was funded by governments. In the US, the DoD (Department of Defense) held the pursestrings. In Europe, governmens of the UK, Norway, and Germany were involved.
I remember some of the things that someone orchestrated in the US. The DoD declared TCP as an official Standard. That by itself has little impact, but someone also changed the procurement regulations so that any system using a computer that could be attached to a network had to implement TCP. If not, a purchase wouldn’t be approved. That caused big government contractors to take notice, as well as the corporations that made products used in the systems they built. The US military buys a lot of stuff.
The National Bureau of Standards (NBS, now NIST) also defined a procedure to test TCP implementations and certify that they conformed to the specifications. They also defined a program whereby any “lab” could become a Testing Laboratory, qualified to perform the tests and issue certifications. I set up and ran one such Lab. It was never expected to be a big moneymaker, but seemed like a good thing to do.
On the research side, ARPA (Vint Cerf) formed the ICCB, which later evolved into the IAB. The ICCB met every few months and discussed the overall progress of the “Internet Experiment”, prioritizing all of the things that had to be done, and keeping a list of all of the issues that still needed to be figured out.
Management of The Internet was one of those unresolved issues. It included not only the technical aspects (such as SNMP), but also the procedural aspects (such as how to certify that some implementation was correct). The “pursestring” form of management worked when the Internet was very small, but that approach obviously “wouldn’t scale” as the Internet expanded.
If you think (and we did) about other infrastructures (electricity, railroads, airplanes, highways, etc.) essentially all of them are now surrounded by a “management” structure with Codes, Inspectors, Permits, Laws, and Regulations which have developed over many decades. Some mechanisms are run by governments, and some by Industry (such as UL in the US, ECMA in Europe, etc.)
As far as I can tell, the Internet still has no such mechanisms. Even the ones from the 1980s have faded into historical oblivion. There are thousands of RFCs now, many declared as Standards. But is there any way to tell if some device I have on my LAN, or am thinking about buying, implements some Standard? Or if so, does it implement it correctly?
Note — I am NOT suggesting that the Internet needs a bunch of bureaucratic machinery added to it. Even 45 years ago, most techies (like I was then) didn’t like such stuff. We simply couldn’t think of an alternative, so it remained on the “things we need to work on” list.
Rather I’m suggesting that the lack of an effective “administration and management” mechanism might explain a lot about things like the decades-long, and still incomplete, transition from V4 to V6.
In the 1980s, we transitioned from TCPV2 to TCPIPV4 in less than a year. When the Internet was largely built around the ARPANET, we transitioned from the old NCP to the new TCP literally overnight, after of course a year or so of preparation.
The Internet was much much smaller then. There was someone in charge, wielding the power of the purse to make things happen. We envisioned that as the Internet grew, either OSI would replace it, somehow solving the “management” problem, or someone would figure out how to do such things in the TCP world.
/Jack Haverty
Here’s my analogy
IPV4 users are like those who want a vehicle with a manual transmission because they enjoy driving, want to be able to pimp their rides, want control over their ride, and prefer to do things their way – when they want to as well as go where they want to.
IPV6 users want a Tesla Robotaxi, think Elon should tell everyone what to do, and think everyone wants to be spam-in-the-can and should do as Elon says because he’s rich and a better human being than everyone else and because he’s their guru.
at what point do you accept that ipv6 has been shilled for decades now and its still never taken hold. it has had every big money interest you can imagine from cell data networks to iot devices behind it and its still terrible. they should have done what amd did with x86 when making the 64 bit isa and just made an extension to ipv4. at this point the whole “every device needs a public ip address” is antiquated thinking that was outdated when this terrible standard was launched in the 90s. ive never seen something flop so hard for so long outside of maybe itanium.