
IPv4, IPv6, and a sudden change in attitude - LaSombra
https://apenwarr.ca/log/20200708
======
PaulAJ
The people who make the decisions about IPv6 adoption are not users, they are
ISPs. You get an IPv4 address on your router WAN port because that is what
your ISP gives to you.

From an ISP's point of view IPv6 is a lot of No Business Case. Those three
words are the death knell for any proposal to do anything in any business that
expects to be here next year. It has exactly nothing to do with the geeky
I-could-have-designed-it-better arguments about the technology.

If you are an ISP that is a going concern, with a bunch of customers sitting
on IPv4 addresses, then handing out IPv6 addresses makes no difference, except
when it breaks something. You still have to give your customers just as many
IPv4 addresses. So why bother?

If you plan to migrate your customers to IPv6 then you are a lunatic. Its
going to break stuff. Lots of websites don't exist on IPv6, and customers are
going to notice. Also your customers have spent the last 20 years slowly
picking up bits of IPv4 lore, like the vital importance of 192.168.0.1, and
are going to be puzzled when this doesn't work any more. All of this
translates into higher support costs and more customer churn.

Also, your allocated block of IPv4 addresses is a valuable asset in its own
right; not only does it have real financial value (around $20 per address at
present), but it also acts as a barrier to entry for competitors; if you want
to set up in business as an ISP you are going to have to acquire some IPv4
address blocks from somewhere, and they aren't making any more of them.
Managers are trained to look for barriers to entry to their industry, and the
current IPv4 situation is exactly that. No sane manager is going to do
something to make it easier for new competitors.

Eventually, of course, the dam is going to break and IPv6 will become
ubiquitous. ISPs will decide that buying blocks of IPv4 addresses costs more
than providing new customers with IPv6 plus some kind of carrier-grade NAT for
legacy IPv4 addresses. More website hosting companies will support IPv6 in
response, and suddenly IPv4 will be _so_ last-decade.

~~~
jesboat
> If you plan to migrate your customers to IPv6 then you are a lunatic.

Well...

Comcast made IPv6 on-by-default to all residential customers some time ago
(IIRC) and available (not sure if on-by-default) to all business customers.
[1] Verizon requires all LTE devices to support v6 [2] and achieved >70%
penetration in 2016 [3] (I'm too lazy to find a more recent statistic.)
T-Mobile launched v6only in 2014 [4] and hit >90% in 2018. [5]

> Eventually, of course, the dam is going to break and IPv6 will become
> ubiquitous. ISPs will decide that buying blocks of IPv4 addresses costs more
> than providing new customers with IPv6 plus some kind of carrier-grade NAT
> for legacy IPv4 addresses. More website hosting companies will support IPv6
> in response, and suddenly IPv4 will be so last-decade.

In short, that happened.

[1] [https://business.comcast.com/help-and-
support/internet/comca...](https://business.comcast.com/help-and-
support/internet/comcast-business-internet-learn-about-ipv6/) [2]
[https://www.apnic.net/wp-
content/uploads/2017/01/vzw_apnic_1...](https://www.apnic.net/wp-
content/uploads/2017/01/vzw_apnic_13462152832-2.pdf) [3]
[https://archive.today/20160719154102/http://www.worldipv6lau...](https://archive.today/20160719154102/http://www.worldipv6launch.org/measurements/)
[4]
[https://www.internetsociety.org/resources/deploy360/2014/cas...](https://www.internetsociety.org/resources/deploy360/2014/case-
study-t-mobile-us-goes-ipv6-only-using-464xlat/) [5]
[https://pc.nanog.org/static/published/meetings/NANOG73/1645/...](https://pc.nanog.org/static/published/meetings/NANOG73/1645/20180625_Lagerholm_T-
Mobile_S_Journey_To_v1.pdf)

~~~
WarOnPrivacy
> ISPs will decide that buying blocks of IPv4 addresses costs more than
> providing new customers with IPv6 plus some kind of carrier-grade NAT for
> legacy IPv4 addresses.

This implies an ISP can do math. Frontier acquired lots of IPv4 addresses w/
it's $10B purchase of Verizon assets(in 2015 & $7B in 2010 & 2B of AT&T).

Frontier has no plans to ever deploy IPv6.

~~~
bluGill
How long before someone (probably in Asia) decides that their IPv4 address is
worth more than the few customers who get there on IPv4?

~~~
mgbmtl
At some point (but probably in more than a few years), IPv4 users will be the
new IE6 of the Internet.

------
alexarnesen
The article was worth it just for this gem:

'If we were feeling snarky, we could perhaps describe IPv6 as "the String
Theory of networking": a decades-long boondoggle that attracts True Believers,
gets you flamed intensely if you question the doctrine, and which is notable
mainly for how much progress it has held back.'

~~~
Sean-Der
This trend has been bothering me a lot lately.

In standards bodies you will have a 'True Believer' about a particular topic.
They will push it for years and years, and eventually get their way. The idea
isn't bad, and would be great if included in the spec from day one.
Unfortunately adding it to what we have today causes massive
breakage/incompatibility.

Maybe I am just being resistant to good change. It just is frustrating because
in most cases the 'True Believer' isn't going to go worry about the real-world
impact of the change.

This phenomena seems to be hurting a lot of programming languages as well. So
much harder to say no, and idealistic people are always going to find a way :)

~~~
m463
I think, like python 2->3, the chaos and confusion of trying to pull off a
"clean slate reboot" is very rarely successful or worth it.

~~~
Dagger2
There wasn't really any way to avoid what v6 did though. v4 can't handle
addresses that are bigger than 32 bits, and that's the end of it.

v6 also has pretty much every backwards compatibility mechanism that can work
with v4. It's hard to see how it could've done any better, and nobody I've
ever talked to has managed to come up with anything that a) would work and b)
isn't already a thing v6 does or can do.

I've seen plenty of proposals that don't satisfy those two conditions (like,
"just add an octet" or "just make the numbers go up to 999")...

------
gorgoiler
IPv6 is great if you control lots of components that need to talk to one
another. Life is much simpler when you can trivially have thousands of
globally routable addresses. It provides great value without having to be 100%
deployed and for that, I am grateful.

I liken it to a commercial kitchen. Large numbers of identical steel pans,
everything measured in grams, Cambros, walk-in refrigeration. Ideas and tech
that are unlikely to catch on in the home kitchen, but when you operate at a
larger scale, invaluable.

~~~
tomalpha
> ...everything measured in grams...

> Ideas and tech that are unlikely to catch on in the home kitchen

Given the posting time I’d guess you were _likely_ not US based so I found
this surprising.

Even if that _is_ so, then I continue to be surprised every time I rediscover
the fact that the US hasn’t moved towards metrification.

Edit: rereading this the wording is harsher than intended. So to add: Either
way the wording tickled me for some reason. Whether intentional or not, thank
you (genuinely) for the smile this morning.

~~~
nikanj
Metric units are a mouthful. Centiliter <-> ounce. Kilometer <-> mile.
Centimeter <-> inch.

I think having easy-to-pronounce names for the metric units would help. Kliks
are much better than kilometers.

~~~
dx034
I've never heard anyone say Centiliter. It's milliliters or liters. You find
cl or dl on bottles but I've never encountered it in spoken language.

Which is nice because having fewer units make it easier to compare, even if
converting in metric system is easy.

~~~
ralls_ebfe
Shot glasses are 2cl around here.

~~~
dx034
I believe they're 2cl in all of Europe, never heard anyone use it outside of
refering to it.

------
ohazi
This motivated me to bite the bullet and jump through the hoops to set up an
IPv6 address for my personal server. I got all the way to the end and then
just when everything looked like it was working, I tried to load the page
and... nothing. Turns out my _home_ network doesn't currently have an IPv6
address. Comcast in the SFBA seems to alternate giving out IPv6 addresses and
then taking them away again every few months or so.

Works on my phone, though, so ¯\\_(ツ)_/¯...

~~~
divbzero
My ISP doesn’t support IPv6 either. I get 0/10 on WiFi _vs._ 10/10 on mobile
using Test Your IPv6. [1]

[1]: [https://test-ipv6.com/](https://test-ipv6.com/)

I’ve considered emailing to ask them to support it but haven’t come up with a
persuasive reason for why they should.

~~~
executesorder66
> but haven’t come up with a persuasive reason for why they should.

I don't know about you, but whenever I see an ISP, hosting provider, or
website that supports IPv6 I think: These guys know what they are doing, they
care about quality, and they actually plan for the future.

I'd much rather do business with someone that supports IPv6 because of the
above impression.

If I was running my own business that provided network related products or
services I'd make IPv6 support required because I don't want to seem like I'm
incompetent/lazy/ignorant.

So in short the persuasive reason is that it would improve their reputation.
Technical people notice these things and base their recommendations on these
sorts of impressions.

~~~
rjsw
This was one factor when I chose my current ISP, they have provided IPv6 for a
long time.

------
sandstrom
Still some distance to go, but Google see 30% of traffic from IPv6 now. It’s
slowly getting there.

[https://www.google.com/intl/en/ipv6/statistics.html](https://www.google.com/intl/en/ipv6/statistics.html)

Also, with most cloud hosting (AWS et. al.) it’s fairly trivial to enable dual
stack support.

~~~
zokier
> Also, with most cloud hosting (AWS et. al.) it’s fairly trivial to enable
> dual stack support.

I say AWS IPv6 support is pretty atrocious. You still can not set up pure IPv6
VPC, even for internal use, afaik most AWS services are still accessible only
through IPv4, IPv6 VPC has lots of weird limitations, etc etc. Somewhat sad,
considering that one would think AWS would be one to benefit from v6

~~~
sandstrom
Agree, it's sad and strange that they can't provide that.

Still, hosting an IPv6 service on AWS is fairly simple (at least in my
experience).

------
ncmncm
This article demonstrates yet another way that Postel's Law is a terrible
design principle.

The amount of damage adherence to Postel's Law has caused can never be
exaggerated. It has made securing TLS extremely difficult. It makes every kind
of migration or evolution difficult, and interferes with securing anything.

The way to enforce The Anti-Postel's Law is with tests that include requests
and responses to be rejected, and fuzzers that explore the whole boundary of
well-formed interaction. Such a test will never detect every improper
toleration, but it will make equipment and programs that don't conform hardly
ever work, until they are fixed.

People used to like compilers that were lax about syntax requirements and
provided lots of extensions. GNU compilers obliged, for a while, and then
stopped. Now, even users of Microsoft compilers have demanded Standard
conformance, and have nearly got it. A compiler that won't report errors is a
way to generate lock-in. That was fine with Microsoft until they understood
that it was locking them in, too.

------
bsder
IPv4 continues to exist because consumers are subject to ISP monopolies.

"Symmetric bandwidth" or "Running my own server" are not criteria that can be
used to choose an ISP because there is _NO_ ISP that offers either one in most
of the country (US).

Since nobody can run their own servers, there is no pull for a larger chunk of
addresses that would drive IPv6 adoption.

~~~
dx034
Not offering symmetric bandwidth has technical reasons. You only have a
limited amount of bandwidth with most technologies and the vast majority of
consumers is much better off having higher download than upload speeds.

I'm actually glad that ISPs default to only giving one IP address per
household. Not having most devices directly reachable from the internet is an
extra layer of security. It should never be the only one but can be an extra
step to make it harder for atttackers to introduce malware.

~~~
shmerl
No technical reason today, except for ISPs not upgrading to modern technology
(fiber optics) because of being short term profit cheapskates.

~~~
_hl_
This is not true. With fiber, if you want to go full-duplex, you need to
specify which frequencies you want to use per direction. Because 99.9% of
users use much, much more downlink thank uplink, it does not make sense to
reserve an equal amount of bandwidth for up and downlink, because that would
reduce the uplink bandwidth per fibre. Symmetric bandwidth is wasteful for
everyone but the content providers (who might even want asymmetric bandwidth
but with more up than downlink).

~~~
welterde
I think you are thinking of coax (cable) and not FTTH. Fiber has a much wider
frequency range and one tends to think in wavelength terms and not frequency.
And rarely is more than two wavelengths used for connecting customers (leaving
most capacity of the fiber unused).

With FTTH there are two common deployment strategies: dedicated fiber per
customer (then there is no reason at all why it wouldn't be symmetric) or
(G)PON. With GPON the issue is that multiple customers share the downlink and
uplink. And while it's easy to make the downstream burstable (meaning you can
use more than 1Gbit/N - with N being the number of customers sharing the
upstream GPON port), since only the ISP transmits in that direction for the
upstream each customer gets assigned a timeslot to transmit (since GPON only
uses a single wavelength for transmit and another one for receive). This means
that even if the connection is symmetric at the ISP end (1G down and 1G up)
one customer only gets 1G/N uplink bandwidth while they might briefly be able
to completely saturate the downstream.

~~~
shmerl
NG-PON2 improves on that by a huge margin: [https://en.wikipedia.org/wiki/NG-
PON2](https://en.wikipedia.org/wiki/NG-PON2)

------
quaintdev
One terrible way to switch to Ipv6 faster is to make existing services
available only on ipv6.

Or create some cutting edge application that will work only on ipv6

I know ipv4 users like author mentioned will still be able to access them
because someone else will plug in. We are stuck with ipv4 for decades, aren't
we?

~~~
dtech
> We are stuck with ipv4 for decades, aren't we?

This was always going to be the case, even with more speedy adoption op IPv6.
It's also not really a problem.

Making services just available for IPv6 is going to be a recipe for disaster
of the service, you've now made the service unavailable for 80-90% of your
audience, and they can't do a thing to fix it (their ISP has to). You need to
be better than start-up-era Google, Facebook, YouTube or Netflix to push
through that and force ISPs to adopt IPv6 to support you. Basically
impossible.

Forced adoption is a much better model. Apple forcing iOS apps to work on only
IPv6 connections if they want to get into the app store probably is one of the
largest drivers of adoption by businesses small and large, and IaaS providers
especially.

~~~
AndrewDucker
You're locking out 67% according to Google's latest figures.

51% in the USA.

Still too many to make it practical, but getting there.

~~~
dtech
That's good to hear :) I had numbers from a good while ago in my head then.

------
angrygoat
The 'noise' on this plot of Google IPv6 adoption is interesting:
[https://www.google.com/intl/en/ipv6/statistics.html](https://www.google.com/intl/en/ipv6/statistics.html)

It looks quite periodic when you zoom in: at first I thought it might be
different adoption rates in different timezones, but there's only one sample
available per day so that doesn't explain it. Anyone know what might be going
on?

~~~
teraflop
It's higher on weekends and holidays, which is presumably connected to mobile
devices having a significantly higher rate of IPv6 adoption.

~~~
why_only_15
You can see on the graph between March 10 and March 24 the significant
increase in the number of people working from home by the proportion of ipv6
usage

~~~
jcranmer
You can also see the much higher utilization of IPv6 at the end of December
that's pretty consistent for the last few years.

------
pferde
> That is, the ability for your connections to keep going even if you hop
> between IP addresses. If you had IP mobility, then you could migrate
> connections between your two internets in real time, based on live quality
> feedback.

This bit is solved pretty well by
[https://en.wikipedia.org/wiki/Multipath_TCP](https://en.wikipedia.org/wiki/Multipath_TCP),
but of course, both ends of a TCP connection have to support it.

------
javier10e6
In 2008 I was asked in one company to add ipv6 from a network stack because it
was going ot be a government mandate to support ipv6. That came and went. In
2015 I was asked to add VLAN support to another network stack
[https://tools.ietf.org/rfc/rfc5517.txt](https://tools.ietf.org/rfc/rfc5517.txt)
to allow duplicate ipv4 address to co-exist in the same network. Ipv4 is not
going anywhere, it doesn't have to. IpV6 is an effective way to segment your
network at the hardware level.

------
lostmsu
What I am severely disappointed about is Microsoft restricting Teredo to their
Xbox services.

Previously it was quite easy to get IPv6 connectivity at home when your
provider only offered IPv4. In fact you'd get IPv6 connectivity by default.
But at some point 1 or 2 years ago that just stopped working altogether, and
my recent attempts to get IPv6 over Teredo back failed: you can establish
tunnel, but it does not transmit packages to IPv6 hosts.

Now I am at the hands of my ISP.

------
Causality1
A lack of fail-over is a problem at almost every level. Like how if my home
internet has gone out and I've connected over wifi to my phone's hotspot, I
have to disable my ethernet adapter before I can get at the outside world over
wifi.

------
themew
As long as Reddit is ip4 only, ip4 won't go anywhere...

~~~
Dagger2
NAT64+DNS64 works fine for Reddit. I run my desktop without a v4 address and
have no problems with it.

I'm running the NAT64 myself, but it could be done by the ISP just fine, at
which point they wouldn't need to provision me with a v4 address. There are
major ISPs out there that do exactly this (for example T-Mobile in the US).

------
hkt
Honestly, having worked for a hosting company in the past that was fastidious
about IPv6 support, I can say a couple of things:

* It is almost definitely not worth it commercially, unless you've carved out your space in the community of people who specifically want IPv6

* It is much, much harder to work with than IPv4 and I don't believe this is only a lack of exposure

* Dual stacking is expensive and requires staff to pursue training with very uncertain levels of reward

IPv4 address space shortages.. could have been addressed by doubling the
number of bits in an IPv4 address, rather than throwing out the many tools
that already worked.

The last point in particular is heresy to network engineers, but perfect sense
to commercial types. Adoption should be cheap, if not free. The huge up front
human cost of training people to operate IPv6 is uneconomical. A 64bit IPv4.1
would be fine for decades.

~~~
throwaway2048
There is a weird persistent idea that all anyone really needed to do was
"extend ipv4 addresses" and everything ipv4 related would have remained
compatible.

No, it still absolutely would have completely broken everything and anything
that used ipv4, all the tools would still need to be thrown out.

There is basically no way such a proposal could work and maintain any sane
level of compatibility.

Its evident right on its face, how exactly would an ipv4 only tool connect to
a 64 bit "ipv4.1 address" ?

~~~
mprovost
There were proposals for backwards compatible addressing schemes. But they
were rejected for a "clean slate" approach. Almost 30 years later, we can see
how successful that was...

EIP (Extended Internet Protocol) [0] was proposed in 1992 as a replacement for
IPv4:

"EIP achieves maximum backward compatibility with IP by making the extended
space appear to be an IP option to the IP hosts and routers.

When an IP host receives an EIP packets, the EIP Extension field is safely
ignored as it appears to the IP hosts as an new, therefore an unknown, IP
option. As a result, there is no need for translation for in-coming EIP
packets destined to IP hosts and there is also no need for subnet routers to
be upgraded during the transition period."

[0] [https://www.rfc-editor.org/rfc/rfc1385.html](https://www.rfc-
editor.org/rfc/rfc1385.html)

~~~
welterde
IPv6 can do that too though! 6in4 is exactly equivalent to the proposed EIP
extension. EIP still splits the internet into the old legacy v4 internet and
the new EIP internet that cannot communicate with the old internet, since
while you can send packets to a v4-only host it won't know what to do with it.
You need to preserve this extra information - and IPv4 simply cannot do that.
You cannot fit more than 32 bit of information into 32 bit..

