IPv6 was superceded by NAT a long time ago. It will die a slw and quiet death which is why it is now being ignored by training facilities and experts worldwide.

> A much better solution here would have been an incredibly conservative change to ipv4 to expand the number of available address space

"And what do you base this belief on?

Fact is you'd run into exactly the same problems as with IPv6. Sure, network-enabled software might be easier to rewrite to support 40-bit IPv4+, but any hardware-accelerated products (routers, switches, network cards, etc.) would still need replacement (just as with IPv6), and you'd still need everyone to be assigned unique IPv4+ addresses in order to communicate with each other (just as with IPv6)."[0]

0: https://news.ycombinator.com/item?id=37120422

Circa 1999 I was working for Cisco as a sysadmin. I got my CCNP through internal training and considered making a career of network administration, but ipv6 changed my mind. It seemed so much more difficult and unpleasant to deal with. I didn't want that to be my day to day work.

I think the same thing happens on a different scale with ISPs. They don't want to deal with it until they have to for largely the same reason.

IPv6's failure was mostly caused by the IETF's ivory tower dwellers, who seem to generally be academics with no practical experience or understanding whatsoever of how networks are actually built and run today.

Small site multihoming, for example, is an absolute disaster. Good luck if you're trying to add a cellular backup to your residential DSL connection.

IETF says you should either have multiple routers advertising multiple provider-assigned prefixes (a manageability nightmare), or that you should run BGP with provider independent address space; good luck getting your residential ISP or cellular carrier onboard with this idea.

I wouldn't say "failure". There are many, many IPv6 client devices out there, mostly on mobile networks. And it works great and they do well and the tools all support it very well.

But IPv4 will never, ever die. The rise of NAT as a pervasive security paradigm[1] basically neuters the one true advantage IPv6 brought to the table by hiding every client environment behind a single address, and the rise of "cloud everything" means that no one cares enough about reaching peer devices anyway. Just this morning my son asked me to share a playlist, so of course I just send him a link to a YouTube Music URL. Want to work on a spreadsheet for family finances with your spouse in the next room? It lives in a datacenter in The Dalles.

[1] And yes, we absolutely rely as a collective society on all our local devices being hidden. Yes, I understand how it works, and how firewalls could do this with globally writable addresses too, yada yada. But in practice NAT is best. It just is.

ipv6 adoption is still steadily rising. Not as fast as anyone hoped, but at least steadily. There is no way it can be abandoned at this point even if we wanted to.

The point is not really to support a galactic empire, the idea is that you have a network part and an interface part, each is 64 bits. The "network" part is used by routers, the interface part is to identify the device on the endpoint. Each interface have an identifier that is world unique (usually based on the MAC address), each network is also unique. Usually, your ISP gives you a /48 prefix, so you have 16 bits for potentially 64k internal networks. This way, you don't need something like DHCP to get an address, you just take it and you won't have conflicts.

But because you have two independent unique parts, you need twice as many bits, so 64+64=128 bits. It simplifies routing and address allocation, at the cost of 16 bytes per packet compared to 64 bit addresses.

That we could use IPv6 on galactic empires is an added bonus, but not really the reason.

It's understandable that IPv6 would be ambitious rather than incremental given the cost of rolling out a new protocol; the bells-and-whistles IPv6 design is probably just a relatively small constant factor more expensive than the simplest possible address space expansion. Viewed that way, you only get the one chance to update the protocol, you might as well fix whatever you can.

> Future proofing it by jumping straight to 128 bits instead of 64. 64 would have been fine. Even with a load factor of 1:1000 by assigning semantics to ranges of IP addresses, 64 bit addressing is still enough addresses for 10 million devices per person.

128 bit is like the least of adoption issues and basically meaningless difference vs 64.

But it shows weird priorities when they decided 128 then immediately wasted half of it on host part just to achieve "globally unique" host part that isn't really all that useful characteristic of the protocol.

Don't think the problem is 64 vs 128. I don't think the problem is end users either, the vast majority of which don't even know what the IP protocol is in the first place (nor should they). The fault I think is on ISPs.

I use hyperoptic in the UK, if you replace the original router (which reserves the external 443 port for itself, i.e. no one sophisticated would keep it), there seems to be no way to get a v6 address. This is pure incompetence and carelessness. Like ISPs allowing their network to send packets spoofing IPs from outside their network. Add to that foreign ISPs (which means that even if your own network supports v6, you need v4 support when you are on holidays/travelling), and you have a situation where v4 cannot simply be switched off.

So for a website, what is the point of supporting v6 if v4 is never going away?

how would you do SLAAC with 64 bits?

> Future proofing it by jumping straight to 128 bits instead of 64.

It's hard to disagree with your point since 64 would definitely have been better than the 32 we have. I'm not convinced the choice of going for 128 bits posed any real challenge to adoption though.

IPv4s are about to be bought, held, portfoilo'ed, speculated, and rented/mortgaged/sold like real estate. Companies like IPXO are already doing it. The costs of public IPv4's are going to go up for no technical reason because a new distinct ownership layer is springing up between you and the ISP. You're going to start renting them or paying a holder for the right to use them (on top of your ISP to transport it) at some point. And you can continue to do that, or get IPv6's for free.

> In the enterprises I've worked in the past decade with IPv6 running

What about those without IPv6 running?

Anyway, in the enterprises I've worked in the past decade - of course, another anecdote - not once has anyone ever specified an IPv6 address of anything. Inside the organization or outside of it.

>Maybe not in the strict sense, but it kind of has.

>In the enterprises I've worked in the past decade with IPv6 running, at least 75% of the Internet traffic is IPv6.

Nobody cares about those. What matters is if my device has an IPv6 address assigned.

That’s why my home network is IPv6 only. NAT64 and DNS64 and 464XLAT work very well, and you only need to configure IPv4 once: in your router.

I'd assume a lot of this is because of mobile devices of some type. Getting legacy network operators like cable providers to supply IPv6 has been hell.

There is a rich history of IoT devices using IPv6 to communicate among themselves without relying on the cloud. I think Nest started this trend. One Nest device sends a specific RA to make itself the router of all other Nest devices. All other devices can configure themselves thanks to SLAAC. The benefit of v6 is that there are so many addresses out there that the Nest device can just pick an arbitrary ULA and there won’t be collisions.

Don’t know about Matter though. If it requires the user to turn on IPv6 then it’s a user experience downgrade. It should just use IPv6 internally.

That wouldn't work anyway. IPv6 addresses aren't routable on an address-by-address basis.

Since ipv6 is just a 128-address, you could say any unique national ID is already an assigned ipv6. Heck, if you assign your services a UUID, you have also already assigned them an ipv6.

What makes an ipv6 useful is that you can route to it. Since you will never be connected to the network. The network will never be able to route packets to you, making the whole thing a little pointless.

Not really. DJB’s clearly a very, very smart person, but he missed the mark on almost all of that. The problems he described which are real have been satisfactorily solved; they weren’t intractable. The rest turned out to be non-issues.

My ISP is xfinity. They say the same thing but my IPv6 address hasn't changed any more frequently than my IPv4. In my experience it changing isn't any more annoying than my v4 changing so I'm not sure why people still get up in arms about it.

Get a virtual server and do the things on it that you'd want a static address for. Use a VPN connection back to your home to merge it with your network. This is a great way to deal with CGNAT.

Do you have a static IPv4, presumably a single IP?

I find it useful, mine does change periodically, but I just have a script that Updates DNS when it changes:

   nsupdate -v -y "${KEY_ALGO}:${KEY_NAME}:${KEY_SECRET}" <<EOF
   server $DNS_SERVER
   zone $ZONE 
   update delete $RECORD AAAA
   update add $RECORD 300 AAAA $CURRENT_IP
   show
   send
   EOF

Same here, I had a working IPv6 setup previously with my DSL provider, but now that I moved to a fibre connection, the new one refuses to support it.

But do they give you PD?

My prefix is tied to the mac address of the device that's connected to the PON.

My ISP (naming no names...erum...Spectrum) refuses to even admit they know what IPv6 is. It's like asking the NSA what Menwith Hill is for...

I recently moved house and looked at a new offer from a new ISP for a long term lockin but a cheap price. They used CG-NAT. I instead chose one which gives me as many ipv4s or ipv6s as I can reasonably use, doesn't oversubscribe its upsteam connectivity etc.

For home internet service I would prefer to pay extra for a better service, it's too important to try to penny-pinch 0.1% of my income on it.

But then I live in a capitalist country where there's competition, I believe some countries you don't get a choice.

Meanwhile, there is a whole grey market built around this. People sell “CGNAT mobile proxies” that ride on carrier and ISP NAT, and the whole point is that they are a pain to block without nuking huge ISP ranges. So they get marketed as a convenient way to dodge shadowbans, spam filters, and basically any abuse defense that relies on IP reputation.

> At what point will we be allowed to say IPv6 hasn't failed?

"IPv6 ... still hasn't taken over the world [after thirty years of deployment]." is a very different statement than "IPv6 has failed.".

Noone who has successfully extracted their head from their ass says that IPv6 has failed. It's widely deployed on the Internet, and on who knows how many corporate intranets and SOHO/home LANs.

IMO, it's stupid to ever consider turning off IPv4. There surely exist useful systems out there that will never be updated to work with IPv6.

I see IPv6 as an "IPv4 address pressure relief system". In the future, SOHO/home LANs can run servers on IPv6, datacenters can run servers mostly on IPv6 but also v4 if they really want, and SOHO/home networks can be behind an IPv4 CGN because all of their unsolicited inbound traffic will come over IPv6.

As GitHub keeps Azureifying, it'll be interesting to see if this changes.

I think the original plan was definitely to turn IPv4 off. Obviously that's probably not practical in our lifetimes.

Oh it's much more mundane.

IPv4 "works" and ISPs are incredibly resistant to changing things that "work".

Because support is needed basically end to end, it's going to take an ungodly amount of time for ISPs to figure this stuff out.

It's pretty frustrating having all my hardware support v6 with the only barrier being my ISP who refuses to support it in my location (they support it in other locations).

America has one of the highest IPv6 adoptions in the world.

This is mainly due to mobile devices only being issued ipv6 addresses by the telco 4g networks. They are the only ones using ipv6 on the millions of clients scale.

It’s ok to understand something and disagree with it. It’s another to proudly wear ignorance on one’s sleeve. That’s never a good look.

There’s no way in which IPv6 is less private than IPv4. An ISP issues your house an IPv4 address and an IPv6 /48 network. Both of those can be subpoenaed equally. The privacy extensions work as advertised.

And in reality land, the big companies are the ones pushing for the upgrade because they’re the ones hardest hit by IPv4’s inherent limitations and increasing costs. Same rando in Tampa isn’t leading the charge because it doesn’t affect them much either way.

Unless my understanding of how IPv6 is flawed, I don’t think your assertion is true in practice. One of the big benefits to IPv6 is that addresses are plentiful and fairly disposable. Getting a /48 block and configuring a router to assign from the block is pretty straightforward.

I’m aka unsure if IPv4 really gets you the privacy advantages you think it does. Your IP address is a data point, but the contents of your TCP/HTTP traffic, your browser JS runtime, and your ISP are typically the more reliable ways to identify you individually.

> Incoming HN downvotes because I'm not using the coolest latest technology.

The downvotes are because you’re needlessly combative, preemptively complaining about downvotes.

You can nat all your ipv6 traffic behind a single IP if you want. Or a new IP for every connection.

Realistically though there's enough fingerprinting in browsers to track you regardless of your public IP and whether it's shared between every device in the house or if you dole out a routable ipv4 to every device.

CG-NAT gives more privacy benefits as you have more devices behind the same IP, but the other means of tracking still tend to work.

For me I just don't see the appeal of supporting both ipv4 and ipv6. It means a larger attack surface. Every year or two I move onto my ipv6 vlan and last a few hours before something doesn't work. I still don't see any benefit to me, the user.

> Incoming HN downvotes because I'm not using the coolest latest technology.

"IPv6 just turned 30" - literally the first part of the post title.

The rest of the post is equally baffling, you are just clinging to a legacy bottleneck (NAT) that was never designed to be a security feature

>ALL your services accessible through the tunnel are "down" for your users

Not all.

I operate site with IPv6 only origins behind cloudflare.

During the outage I manged to login to the dashboard after some time and remove cloudflare for nearly 2 hours, and traffic level stayed close to 50% during the IPv6 only period.

Nobody complained: those who did not have working IPv6 probably blamed it on cloudflare.

Most 4G networks are actually IPv6-only, with IPv4 traffic being routed through inefficient tunnel systems. This is why Apple and Google require all mobile apps to use IPv6.

> In almost ALL context IPv6 is seen as optional, additional, additional configuration and is NEVER the default.

Weird. The past two ISPs I've had (Comcast and Monkeybrains) both had IPv6 enabled by default. I've looked at a bunch of SOHO networking gear and IPv6 is on by default. On every Linux and Windows system I've touched in the past ten, fifteen years you have to go significantly out of your way to disable IPv6.

> Some programs do not handle IPv6 at all. Game servers for instance, do not support it...

Depends on the game server. Many I run absolutely do.

Your complaints smell like you tried to run an IPv6-only client network, which would be an absolute nightmare. That's just a stupid thing for a SOHO network (and the networks that serve most corporate client hosts) to do. IPv4-only Internet hosts exist, so it's a no-brainer to provide IPv4 connectivity to clients.

On the other hand, running IPv6-only infrastructure networks can make a ton of sense. One very large such operator is Comcast, a US ISP.

so it turned into a good ol' legacy problems

idk if arma3 does server discovery, but in case of manual ip input there some kind of OS-networking-level adapter should help. Usecase seems too obvious for something like that not to exist

I have fiber to my house and no native IPv6 support. I did some research and it seems there is a way to enable IPv6, but it’s janky and just tunnels over IPv4 so what’s the point?

I would love for IPv6 to actually take off but somehow it feels like we are still a decade away from ubiquitous adoption.