| ▲ | hdgvhicv 2 hours ago | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
Prices have been coming down for years in nominal terms, let alone real terms. Cg nat does everything that’s needed, there are no significant ip6 only services, there are plenty of ip4 only services, so you have to support ip4 anyway, so why bother with ip6 My company has just turned off all ip6 connectivity for its corporate laptops because it’s considered a security risk. I disagree, but I do agree that having 4 and 6 is a higher risk than 4 alone or 6 alone, and 6 alone sadly still doesn’t work reliably. All the “promise” of ip6, direct connections etc, were lost when stateful firewalls became required and memory became cheaper than $20 a megabyte. Some bespoke old protocols don’t like ports changing, which can be a problem, but it’s a very small number and easier to work around with modern protocols than support a dual stack environment securely for the majority of places that struggle securing a single stack. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ▲ | throw0101a an hour ago | parent | next [-] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
> My company has just turned off all ip6 connectivity for its corporate laptops because it’s considered a security risk. If your corporate laptops are running Windows, then you're going against the officially supported configuration of the vendor (Microsoft): > Internet Protocol version 6 (IPv6) is a mandatory part of Windows Vista and Windows Server 2008 and newer versions. > We don't recommend that you disable IPv6 or IPv6 components or unbind IPv6 from interfaces. If you do, some Windows components might not function. * https://learn.microsoft.com/en-us/troubleshoot/windows-serve... > Cg nat does everything that’s needed […] Except for making it convenient for end-user to, say, play P2P video games, or host Mindcraft servers, etc. > […] and 6 alone sadly still doesn’t work reliably. It's so unreliable that half of all Internet traffic uses it. It's so unreliable that Microsoft has been going IPv6-only in their corporate networks (a decade ago): * https://labs.ripe.net/author/mirjam/ipv6-only-at-microsoft/ It's so unreliable that Google is now 99% IPv6-only/mostly on their corporate networks: | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ▲ | inigyou 2 hours ago | parent | prev | next [-] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
Everything that's needed besides letting computers talk to each other, that is. With ipv4 you have a two tier internet. Computers talk to servers, servers talk to servers, computers can't talk to computers so every video call must be routed through a server. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| ▲ | jampekka an hour ago | parent | prev [-] | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
> My company has just turned off all ip6 connectivity for its corporate laptops because it’s considered a security risk. I disagree, but I do agree that having 4 and 6 is a higher risk than 4 alone or 6 alone, and 6 alone sadly still doesn’t work reliably. I had a very concreteish security risk with IPv6 and openvpn. At least in Debian config openvpn tunneled only IPv4 by default. I only noticed this by being surprised I got results tailored to my origin country instead of the VPN out node country. It's eternal (dual stack) paper cuts like this why just turning IPv6 off makes life a lot easier. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||