dogcow 4 days ago

I recently decided that it was high time to stop ignoring IPv6 after 30 years of computing and actually learn how it is supposed to work.

So I started digging in, and there's definitely a lot to like.

But I see two big problems that are showstoppers in my opinion, at least for my home network (not even considering the fact that very few residential ISPs even support v6 at this point):

1. Generally speaking, the IPs of your LAN are based on the prefix assigned by the ISP. Most residential ISPs don't offer static prefixes. This means that every time your prefix changes, the IPs of all your devices on your LAN change. Seems like this "feature" was developed in a more idealistic era when people probably thought everyone would be getting static IPv6 addresses, since shortages would never be an issue. Unfortunately, they failed to foresee the fact that most major ISPs are terrible, greedy organizations that either outright refuse to offer static assignments, or continue treating them as if they were scarce IPv4 resources, charging a premium or requiring business-class service to even get them.

2. The ISPs that do support v6, like Comcast/Xfinity in the USA, are only allocating one /64 prefix. This means you can only have one subnet (VLAN) on your LAN! Why are they being so stingy?

I would love to migrate to IPv6, but these two issues alone make it feel like a clown show for home users.

easterncalculus 4 days ago | parent | next [-]

Couple of things - if you want prefixes to stay the same you can use ULAs for your home network. Not ideal but it's available. The 'right' way to manage this is to use DNS, and just have the prefixes auto-update there, or mDNS. For prefix sizes you should be getting a /56 most of the time, especially from major US ISPs. If you're getting a single /64 it's almost definitely an issue with your router's PD setup.

dogcow 4 days ago | parent [-]

Yeah, I know about the workarounds, but that just kind of defeats the purpose for me. Also, I've read comments from folks stating they were having a hard time getting a larger prefix from Comcast using PD... don't know how universally true that is.

Using DNS to resolve everything solves part of the problem, but firewall rules are another issue. The router would need to have the capability to update everything dynamically when the prefix changes. I think this is in the works for pfSense, but I'm not sure if it's actually supported yet. It looks like you might have to mess around with some 3rd-party script to make it work.

I guess I'm just generally disappointed that the whole process seems unnecessarily messy. I don't have a v6-compatible ISP right now anyway. I was thinking about trying a tunnel, but I'm not seeing the benefit in it right now.
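Added example, not part of the comment above and not pfSense code: one way a script can rebuild address-based firewall entries whenever the delegated prefix changes, by storing only each host's subnet ID and interface identifier. Host names, IDs and ports are hypothetical, and the prefixes are from the 2001:db8::/32 documentation range.

```python
import ipaddress

# Constructed policy: host -> (subnet ID inside the delegation, interface ID, allowed TCP port).
# Names, IDs and ports are hypothetical sample values.
POLICY = {
    "nas":     (0x01, "::10", 443),
    "printer": (0x02, "::20", 631),
}

def subnet(delegated, subnet_id):
    """Return the /64 numbered subnet_id inside the delegated prefix."""
    net = ipaddress.IPv6Network(delegated)
    spare = 64 - net.prefixlen          # bits left over for numbering subnets
    if spare < 0 or not 0 <= subnet_id < (1 << spare):
        raise ValueError(f"{net} has no room for subnet {subnet_id:#x}")
    return ipaddress.IPv6Network((int(net.network_address) | (subnet_id << 64), 64))

def host_address(delegated, subnet_id, iid):
    """Join the current /64 with a fixed 64-bit interface identifier."""
    suffix = int(ipaddress.IPv6Address(iid))
    if suffix >> 64:
        raise ValueError("interface identifier must fit in 64 bits")
    return ipaddress.IPv6Address(int(subnet(delegated, subnet_id).network_address) | suffix)

def render_rules(delegated):
    """Build (host, destination address, port) allow entries for the current prefix."""
    return [(name, host_address(delegated, sid, iid), port)
            for name, (sid, iid, port) in sorted(POLICY.items())]

def stale_entries(old_delegated, new_delegated):
    """Old entries that match no host after renumbering and must be removed."""
    return sorted(set(render_rules(old_delegated)) - set(render_rules(new_delegated)))
```

With a single /64 delegation, `render_rules` raises `ValueError` for any host outside subnet 0, which is the one-subnet limit raised earlier in the thread.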

gucci-on-fleek 4 days ago | parent [-]

Yeah, this is the constant problem with IPv6: it's a much better design than IPv4, it's simpler to understand, and it should be theoretically much easier to use, but the tooling is all so terrible that it's often easier to just use IPv4. Which is too bad, because so many of the problems with IPv4 completely go away when you use IPv6, but right now we're stuck with dual-stack, which just doubles the amount of work to set everything up.

gucci-on-fleek 4 days ago | parent | prev | next [-]

1. nftables supports NPTv6 (Network Prefix Translation), which is similar to NAT, except it's stateless and every device remains individually addressable. So you can configure your DHCPv6/SLAAC to assign to each device both an address from your globally-routable prefix and from your ULA prefix, and then NPTv6 will handle mapping your ULA prefix to/from the internet.

2. Lots of ISPs only assign a /64 by default, but if you configure your router to request a /56 via DHCPv6 prefix delegation, you'll usually get the larger prefix.

FWIW, I'm using both of these on my home network, via a router running OpenWRT.
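Added example, not part of the comment above and not nftables or OpenWRT code: a sketch of stateless prefix translation following the checksum-neutral algorithm of RFC 6296, showing that each ULA address maps to exactly one global address and back without per-flow state. Whether a given router applies this adjustment or a plain prefix swap is not stated in the thread; the ULA and ISP prefixes are constructed sample values.

```python
import ipaddress

def words(value):
    """Split a 128-bit integer into eight 16-bit words, most significant first."""
    return [(value >> (112 - 16 * i)) & 0xFFFF for i in range(8)]

def add1c(a, b):
    """16-bit ones' complement addition (the carry wraps around)."""
    s = a + b
    return (s & 0xFFFF) + (s >> 16)

def prefix_sum(net):
    """Ones' complement sum of the prefix, host bits taken as zero."""
    total = 0
    for w in words(int(net.network_address)):
        total = add1c(total, w)
    return total

def translate(addr, from_prefix, to_prefix):
    """Map addr from one prefix to the other; no connection table is consulted."""
    src, dst = ipaddress.IPv6Network(from_prefix), ipaddress.IPv6Network(to_prefix)
    a = ipaddress.IPv6Address(addr)
    if src.prefixlen != dst.prefixlen or src.prefixlen > 64:
        raise ValueError("prefixes must be the same length, /64 or shorter")
    if a not in src:
        raise ValueError(f"{a} is not inside {src}")
    host_bits = int(a) & ((1 << (128 - src.prefixlen)) - 1)
    w = words(int(dst.network_address) | host_bits)
    # Adjustment that cancels the checksum change caused by swapping the prefix.
    adjust = add1c(prefix_sum(src), ~prefix_sum(dst) & 0xFFFF)
    # /48 or shorter: adjust the subnet word; longer: first interface-ID word.
    candidates = [3] if src.prefixlen <= 48 else range(4, 8)
    idx = next((i for i in candidates if w[i] != 0xFFFF), None)
    if idx is None:
        raise ValueError("address has no word that can carry the adjustment")
    w[idx] = add1c(w[idx], adjust)
    if w[idx] == 0xFFFF:                 # 0xFFFF and 0x0000 both mean zero here
        w[idx] = 0
    return ipaddress.IPv6Address(sum(x << (112 - 16 * i) for i, x in enumerate(w)))

# Constructed sample: a ULA /56 on the LAN and an ISP-delegated /56.
ULA = "fd12:3456:789a:bc00::/56"
ISP = "2001:db8:aa:1200::/56"
HOST = "fd12:3456:789a:bc01::10"
```

For prefixes longer than /48 the adjustment lands in the interface identifier, so the address seen from the internet differs from the LAN address in more than the prefix; WAN-side firewall entries have to use the translated value.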

dogcow 4 days ago | parent [-]

Thanks, I appreciate your explanation. I was aware that there are workarounds, but to me that defeats one of the core tenets of IPv6, which is that we're supposed to be doing away with this NAT and NAT-like nonsense by giving everything a globally routable IP.

When I was reading up on everything, I also learned that your router can request a bigger prefix, but I ran across several posts from various folks stating they could only get a /64 from Comcast no matter what they tried, so I'm not sure how universally supported DHCPv6-PD requests are.

gucci-on-fleek 4 days ago | parent [-]

> I was aware that there are workarounds, but to me that defeats one of the core tenets of IPv6, which is that we're supposed to be doing away with this NAT and NAT-like nonsense by giving everything a globally routable IP.

The nice thing with IPv6 is that devices have no problem with being assigned multiple addresses on the same interface. So most of my devices actually have 5 IPv6 addresses [0]: a globally-routable DHCPv6 address (the default), a globally-routable SLAAC address, a ULA DHCPv6 address, a ULA SLAAC address, and a link-local address. So you can have a globally-routable IP and a locally-stable IP at the same time. And this is arguably a good thing, since it would be annoying to have to renumber your local network if you ever changed ISPs.

> I ran across several posts from various folks stating they could only get a /64 from Comcast no matter what they tried, so I'm not sure how universally supported DHCPv6-PD requests are.

That's annoying, and also means that you probably won't be able to get NPT to work either. FWIW, both Shaw and Telus (in Canada) will assign you a /56 via DHCPv6-PD if you request it.

[0]: I don't actually want this many addresses, but a link-local address is required for IPv6, I want my devices to have constant/easily-memorable IP addresses so I need DHCPv6, Android only supports SLAAC so I have to keep that enabled too, devices will prefer IPv4 over a v6 ULA so I need to keep the globally-routable addresses, and I want to use static addresses in my LAN so I need ULA enabled as well.

andrewmcwatters 4 days ago | parent | prev [-]

Humanity is just capable enough but so incredibly stupid and greedy. We are just blithering idiots.

There are supposedly so many IPv6 addresses that you could assign every grain of sand on earth on the order of a quintillion addresses.

So, yeah, there’s no excuse.