Hacker News

everdrive 01/03/2026

> IPv6 doesn't make things substantially harder, just different. But people don't want to learn new things

I learn new things all the time. IPv6 is much more complicated, and importantly, more complicated than it needs to be. There is really no reason for most devices to be publicly reachable. Everyone keeps holding this up as a positive, but it's absolutely not. Most devices aren't servers. Yes, a firewall can prevent these connections, but the whole standard is built around this use case most people don't need most of the time.

Private IP space is incredibly useful. I build it and set it up -- my ISP does not have control. This is _gone_ with IPv6 and it makes things much more complicated than they need to.


Replies

stavros 01/03/2026

> There is really no reason for most devices to be publicly reachable. Everyone keeps holding this up as a positive, but it's absolutely not. Most devices aren't servers.

Ever tried to call someone over the internet? Well, now you need a publicly reachable device.

Please, stop spreading this ignorance. You rely on your devices being reachable from the internet every single day, you're just not aware of it, because you're using a barely-working pile of duct tape and string that sort-of allows peer to peer connections to happen, after some arcane STUN/TURN/whatever magic.

If you wanted to send someone a file in the Olden Days, you'd just click on their IRC username, the client would open a connection to them and you'd send the file. Now you need to use iCloud or some nonsense, because apparently people believe that peer-to-peer connections aren't needed and shouldn't even work.

IgorPartola 01/03/2026

No it is not:

IPv4 header: https://upload.wikimedia.org/wikipedia/commons/thumb/6/60/IP...

IPv6 header: https://bitjunkie.org/wp-content/uploads/2023/10/ipv6-Header...

Notice how the IPv6 header is simpler? That’s because it is. It has normal working semantics, got rid of fragmentation, TTL is replaced by hop limit, and link-local addresses actually work as intended. The addresses look scary != more complicated. Please stop perpetuating this myth.

binkHN 01/03/2026

> Private IP space is incredibly useful. I build it and set it up -- my ISP does not have control. This is _gone_ with IPv6 and it makes things much more complicated than they need to.

Not in the least; IPv6 has private address space just like IPv4.

luckman212 01/03/2026

> Private IP space is incredibly useful ... This is _gone_ with IPv6

No, it's not. Learn about ULAs:

https://en.wikipedia.org/wiki/Unique_local_address

notpushkin 01/03/2026

> Private IP space is incredibly useful. I build it and set it up -- my ISP does not have control.

You can have that with IPv6, too. You can even get your own ULA prefix that (hopefully [1]) only you will ever use: https://ula.ungleich.ch/

[1]: Technically, it doesn’t prevent anybody else from using the same space as you. (And you can’t advertise it, of course.)

antonvs last Sunday at 2:19 AM

> the whole standard is built around this use case most people don't need most of the time.

This seems to be a function of when it was developed, starting in the early 90s before the internet as we know it today, particularly the web, even existed. Security wasn’t seen the same way then, because the threats we have today simply didn’t exist.

Not every company in the world had its own private networks, so there weren’t even good examples to follow. The result was a system designed in the effective equivalent of a vacuum, without regard for how the internet would actually end up being used. The result is the situation you described.

RiverCrochet last Sunday at 5:37 AM

> This is _gone_ with IPv6

Incorrect. There is the ULA range, fc00::/7, which is not routable and can be used in the same place you'd use 192.168.0.0/16 or similar.

You can even do something like fc00::192:168:0:0/120 if you really want.

> There is really no reason for most devices to be publicly reachable.

If you want things to work in one direction only, you really want television or radio. This is how most people really treat the Internet, unfortunately.
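
Added example, not written by any commenter in this thread: Python code for the ULA addressing raised in the comments by notpushkin and RiverCrochet, building a /48 the way RFC 4193 lays it out (prefix fd00::/8, 40-bit Global ID, 16-bit Subnet ID) and sorting addresses by range. Function names and sample addresses are constructed for illustration; because RFC 4193 defines only the locally assigned half (fd00::/8) of fc00::/7, addresses under fc00::/8 get their own label.

```python
import ipaddress
import secrets

ULA = ipaddress.ip_network("fc00::/7")        # range named in the thread
ULA_LOCAL = ipaddress.ip_network("fd00::/8")  # L bit = 1: locally assigned (RFC 4193)
LINK_LOCAL = ipaddress.ip_network("fe80::/10")
GLOBAL_UNICAST = ipaddress.ip_network("2000::/3")


def generate_ula_prefix(global_id=None):
    """Return a /48 ULA prefix: the byte 0xfd followed by a 40-bit Global ID."""
    if global_id is None:
        # Assumption: a CSPRNG stands in for the hash-based method RFC 4193 suggests.
        global_id = secrets.randbits(40)
    if not 0 <= global_id < 1 << 40:
        raise ValueError("Global ID must fit in 40 bits")
    value = (0xFD << 120) | (global_id << 80)
    return ipaddress.IPv6Network((value, 48))


def subnet(prefix, subnet_id):
    """Carve the /64 with the given 16-bit Subnet ID out of a /48."""
    if prefix.prefixlen != 48 or not 0 <= subnet_id < 1 << 16:
        raise ValueError("need a /48 prefix and a 16-bit Subnet ID")
    base = int(prefix.network_address) | (subnet_id << 64)
    return ipaddress.IPv6Network((base, 64))


def classify(addr):
    """Label an address by the range it falls in (most specific range first)."""
    a = ipaddress.ip_address(addr)
    if a.version == 4:
        return "ipv4-private" if a.is_private else "ipv4-other"
    if a in ULA_LOCAL:
        return "ula-local"
    if a in ULA:
        return "ula-reserved"  # fc00::/8, L bit = 0, not defined by RFC 4193
    if a in LINK_LOCAL:
        return "link-local"
    if a in GLOBAL_UNICAST:
        return "global-unicast"
    return "other"


if __name__ == "__main__":
    lan = subnet(generate_ula_prefix(), 1)
    print(lan, classify(lan.network_address + 0x10))
```
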

throw0101a 01/03/2026

> I learn new things all the time. IPv6 is much more complicated, and importantly, more complicated than it needs to be. There is really no reason for most devices to be publicly reachable.

Sigh. This myth really won't die.

Publicly addressable ≠ publicly reachable.

With my last ISP I had IPv6: every device (including my printer) on my local network had a public IPv6 address, but exactly zero were reachable thanks to the stateful packet inspection (SPI) on my Asus.
