alt Hacker NewsI spent a week without IPv4 (2023)
Comments
> Peer-to-peer communications such as gaming usually have to deal with NAT traversal, but with IPv6 this is no longer an issue, especially for multiple gamers using the same connection
You know the list of "benefits" is thin when the second item is entirely theoretical. Even though IPv6 doesn't have to do NAT traversal, it still has to punch through your router's firewall which is effectively the same problem. Most ISP provided home routers simply block all incoming IPv6 traffic unless there is outbound traffic first, and provide little to no support for custom IPv6 rules.
Even if that were not an issue, my bet is that there are close to zero popular games that actually use true peer to peer networking.
> Groups of zeros can be omitted with two colons, but only once in an address (i.e. 2000:1::1, but not 2000::1::1 as that is ambiguous)
Can someone explain why it's ambiguous?
On the subject, IPv6 is one of the strangest inventions on the internet. Its utility and practically are obvious no matter how you look at it except... just one thing.
Network-related things are generally easy to remember and then type from memory: IPv4, domain names, standard port numbers. Back in the day it was the phone numbers, again, easy to remember and dial when you need it. IPv6 is just too long and requires copy/paste all the time. This is the only real reason in my opinion, why IPv6 is doomed to be second-grade citizen for (probably) a few more decades.
> There are also still a lot of misconceptions from network administrators who are scared of or don’t properly understand IPv6
Enable IPv6 on a TP-Link Omada router (ER7212PC) and all internal services are exposed to the outside world as there is no default IPv6 deny-all rule and no IPv6 firewall. I get why some people are nervous.
> I spent a WEEK without IPv4 to understand IPv6 transition mechanisms
> NAT64 - the method I’ve setup for this test
> IPv6 is absolutely ready for prime-time and has been for awhile
So... No, you spent a week effectively using both v6 and v4 with extra steps. If someone said "Linux is ready for primetime" but their setup only worked because they ran a bunch of applications in a Windows VM, I'd call that strong evidence that it really wasn't. Same here.
That said... This is from early 2023. Any chance it's better now?
Here's China's current IPv6 plan.[1] It was an explicit objective of the 14th Five Year Plan, now concluding, to get most of China's Internet on IPv6. About 70% of China's mobile users are on IPv6 now. But fixed IPv6 traffic in China is only 27%.
[1] https://www.cac.gov.cn/2025-05/20/c_1749446498560205.htm
My two IPv6 issues (even having had a HE tunnel in the past):
- My local ISP (US Internet, soon to be part of T-Mobile Fiber) hasn't enabled it, even though the CEO has said on Reddit for years that it's a priority. Now that they've been acquired who knows if it'll ever happen.
- Linode allows transferring v4 addresses between machines, so if I need to rebuild something I can do so without involving my client who usually has control over DNS. They do not support moving v6 addresses, which means that the only sites I have control over that support v6 are the ones that I control DNS.
Making IPv6 a thing seems like it would be super easy if a couple hours could be spent solving a bunch of dumb lazy problems.
I try enabling IPv6 every year or so. The last time I tried IPv6 at home I couldn't figure out what my netmask was, nor the size of my allocation. Some folks say my ISP issues /60s, others /64. I couldn't figure out how to get my IP to remain static long enough to have long-running TCP sessions, either. It was a mess and not much better than it was 20 years ago when I first tried it (and had to disable it because it being on broke all sorts of things).
Maybe 2026 will be the year of IPv6. I kinda doubt it given I'm some jackass and dedicated network professionals still don't use IPv6.
When I moved to an ISP that supported IPv6 earlier this year I ran into niggly problems. Ubuntu failed to update because one of its regional servers was misconfigured. OpenDNS one of its servers seemed not to be there on a regular basis over IPv6. I also had odd behaviour and latency issues where sometimes IPv6 would fail to route for short periods and it would fail and fall back to IPv4.
It was a painful experience of trying to work out if I had misconfigured it, if it was something to do with my opensource router software or if it was my ISP or the end services. I didn't get to the end of working this out and reporting issues and I just gave up. Due to the intermittent nature of the issues I was facing I never managed to get a report of issues my ISP would accept.
So I'll give it some time and give it a try after a year and see if things have improved, but it was definitely not ready for prime time.
> Don’t blame your provider when they deploy CG-NAT, embrace IPv6 and global routing instead.
In theory this makes sense, but in practice my personal experience is that not a single wireline ISP I've ever seen deploy CG-NAT offered IPv6 service at all, nor did any of them indicate any intent or even interest when asked about it.
The mobile providers on the other hand have almost entirely gone IPv6-first, using 6>4 transition methods as the default form of v4 access which I fully support.
4>4 CG-NAT should never have existed and providers who deploy it without offering fully functional v6 should be shamed.
OpenBSD makes it easy to try IPv6 tunnelbroker.net with NAT64/DNS64 if your ISP only has IPv4 ("one more lab test away.." they say).
This has worked for me well for a couple years. I do use a VLAN to keep the IPv6-only network separate (homelab) from video streamers in the household.
In my pf.conf:
# IPv6 tunnel
block in log on $tun6_if all
block in quick on $tun6_if inet6 from fd00::/8 to any
antispoof quick for $tun6_if
# allowed icmp6
pass in quick log on $tun6_if inet6 proto icmp6 icmp6-type {
unreach, toobig, timex, paramprob, echoreq
}
# MSS clamping 60 bytes less than HE 1480
# 20 byte IPv4 tcp header + 40 byte IPv6 ip header
match on $tun6_if all scrub (random-id max-mss 1420)
# DNS64/NAT64
module-config: "dns64 validator iterator"
dns64-prefix: 64:ff9b::/96
Am I missing something? Where's the part where he actually talks about his experience in that week? This goes straight from an overview of IPv6 to the conclusions section.
And despite that, the place where I work, has disabled ipv6, rendering our development machines useless for trivial tasks such as debugging our iOS app on a device (which uses ipv6 under the hood)
Reasons given: the security policies say ipv6 is not safe enough.
While these articles are useful in understanding the utility of IPv6, what would really help is an article explaining step by step how to configure a home network using IPv6. The tutorial should answer these questions:
- How to ensure there are no collisions in address space? Translates to, how to pick safe addresses, is there a system?
- How do I route from an external network resource to an internal network resource? Translates to, can you provide syntax on how to connect to an smb share? Set up a web service that works without WireGuard or equivalent?
- How does one segment networks, configure a vlan, set up a firewall?
I'm very surprised by the questions in this thread. There are some extremely basic things people are just not understanding. I suspect people hating on IPv6 have not spent the time with it. There is a difficulty in that it does behave quite differently to IPv4, and the lack of private addresses are also probably a shock.
I wish I could switch my network to all IPv6 and use NAT64/DNS64, but Android, the world's most popular OS, purposefully disables DHCPv6. I am forced to support IPv4/DHCPv4 for the foreseeable future to support these broken devices.
What’s the pragmatic solution to ipv6 allowing everybody in my household to be trivially and stably mapped to a unique subnet? I like the accidental semi-randomization that ipv4 and ISP NAT offered and I don’t see anything like it short of putting my entire home net on a VPN (it’s expensive and can’t keep up with my ISP’s bandwidth)
My previous fibre provider in Ireland was Virgin, and as far as I could tell, it was fully IPV6. Every device in my network got a public address, and self hosting stuff from home as was easy as setting up an A record at my DNS host. No faffing around with port forwarding, proxying, nat bullshit or whatever. My memory is hazy, but there might have been some firewall stuff I had to do on the virgin supplied router.
In my 25 year career in network engineering, I’ve encounter needing it as a user exactly once, and that was earlier this year. Supabase’s free tier allows direct connections the Postgres only over IPv6. It’s too bad the deploment has been a long drawn and expensive process for everyone.
World IPv6 day 6-6-26, just turn IPv4 off. Let the world catch up.
I said the same thing for 6-6-16 too.
My ISP has good IPv6 support. I was using it for a while and recently disabled it across my home network for simplicity of maintenance, cutting my vyos config in half. When I need to access something not available on IPv4 I'll set it up again but I'm not convinced that will happen in my lifetime.
Dual-stack with a public IPv4 address is by far a preferable way to access the v4 internet than being stuck behind a provider NAT64 box.
Totally understand why carriers may want IPv6 mostly and a v4-free core. But as an end user dual stack just seems simpler.
I wonder about the possibility of running your own email server behind a domestic IPv6 address.
Most of the domestic IPv4 networks have port 25 blocked for incoming connections. Maybe in the IPv6 realm things are bit more relaxed.
I feel this doesn’t really address whether we are losing something privacy or security related by not having NAT. I think my main devices are always updated Mac iPhone or iPad and can handle it, but do I really want my thermostat or doorbell or lock or garage door opener or light switch directly accessible on the Internet or is the nat serving a useful purpose? I don’t feel like this is addressed in this article.
I have firsthand experience doing that experiment about 3 months ago. Completely removed my IP4 DHCP lease from my ISP at the router. About 50% of the public sites I tried to visit didn't resolve. So many public sites, that I gave up and went back to dual stack after just a day. Google, ChatGPT, and a few other popular sites were fine with pure IPv6 traffic, however sites like eBay and even HN did not resolve. IPv6 simply is still not ready for everyone to just transition into overnight.
As a normal user: why do I need IPv6?
As far as I know, the majority of websites (about 70%) do not support IPv6.
Interesting. I did finally find a use for IPv6 which I wrote up here: https://martinalderson.com/posts/i-finally-found-a-use-for-i...
Tbh though the docker problems are very serious and extremely painful to work around. Everything works great apart from Docker which has so many issues - it does not handle IPv6 inbound but IPv4 out well at all (at least as far as I can tell!).
I need to switch my home network to at least use IPv6 externally, because my ISP recently deployed CG-NAT, which made my SSH server that used to work no longer reachable from outside of my LAN.
If Google would announce that Chrome is dropping IPv4 support in n months, that would probably get things moving. ;)
The workarounds we need to enable P2P communication on the internet are a shame... we need turn, stun, webrtc, all this stuff so two computers can talk without a dedicated port forward or public ipv4.
ipv6 is a beautiful protocol, (not perfect, but elegant) with a lot going for it. But the momentum of ipv4 is just too strong.
It's a mess... with no good solution. I tried to turn off ipv4 and github (shame on you) stopped working. But what are we supposed to do? Have the government mandate everyone switch? (oh wait half of US government websites are ipv4 only)
We did this to ourselves...
AWS doesn’t offer PTR records for IPv6 addresses, which makes Gmail blacklist my email server’s IPv6 address. I had to disable IPv6 due to lack of PTR records.
I'm pretty underwhelmed by IPv6. It looks like the typical "horse designed by committee."
I suspect that what will actually end up being implemented, will be a core subset of the spec.
We'll have to see what's still standing, when the dust settles.
Every few years I check to see how far away Virgin Media are from offering IPv6. Just checked again... nope!
People keep saying that IPv6 allows you to more easily host services, but you still have to support IPv4.
Try connecting to your IPv6-only service on Hotel WiFi -- you usually can't.
It's unfortunate, but IPv6 doesn't really solve any problems for a home user. And I say this as someone that has deployed IPv6 at home before.
My ISP has IPv6 since years and I'm on 6 as well.
NAT-less network is really cool, I can serve content directly from anything from my LAN.
We should really leave IPv4 and move on.
the reason why I explicitely disable ipv6 cause "this shit don't work" (at the moment, will probably change in the future)
- random slowdowns
- horrible routing
- larger packet overhead
- hated by a lot of the people who run the internet
- hated by companies who provide ddos protection
- my poor TCAM cache in my budget routers
- supporting ipv6 is really expensive in chassis routers
However, I believe there is a solution: Swap ISP's to IPv6 only, swap to IPv4 unless there is an IPv6 route present then directly forward. This solves quite a few issues: Once every ISP has IPv6 you can drop ipv4 and swap directly to ipv6 without having to split your TCAM. This works because IPv6 can encode IPv4 in it.
Hot take: IPv4 might be techinically worse, but it's "politically" (in the classic sense of the word) better.
IPv6 essentially enables "universal internet IDs" for every device, which could streamline a lot of things, but enable a lot of weird surveillance/power balance issues that the cruft of IPv4 is actually incidentally helping guard against.
Again, I'm old enough to remember when e.g. the ISPs were going to try to charge per device in each household.
I’m surprised home many technically knowledgeable people on Internet forums still think IPv6 is some niche, unreliable thing.
In my direct experience, in the USA, at least Spectrum, AT&T, and Xfinity (Comcast) still run IPv4, of course, but they also have IPv6 working and on by default on their home internet offerings.
All mainstream computer and mobile OSes support it by default and will prefer to connect with it over IPv4.
‘Everyone’ in many areas is using it. For many of us, our parents are using Facebook and watching Netflix over it. Over 50% of Google’s American traffic is over it. It just works.