
Aussie ISP gets eye-watering IPv4 bill, shifts to IPv6 - lelf
https://www.theregister.co.uk/2018/09/04/aussie_broadband_ipv6/
======
rohan1024
> we are now looking at carrier-grade NAT vendors as a longer term solution
> rather then buying more IPv4 space

That's even worse. I read a definition of Internet long back which I vaguely
remember

A network of devices where each device is assigned with unique IP address so
that they can communicate with each other. No central party is needed for two
devices to connect with each other!

This always fascinated me. But NAT breaks that definition or was the
definition wrong? It no longer holds true. IPV6 is the only hope. I've wrote
more about it here

[https://www.ankshilp.in/post/the_broken_promise_of_internet/](https://www.ankshilp.in/post/the_broken_promise_of_internet/)

~~~
cm2187
Also IPv6 makes scanning the address space infeasible. This is the only
realistic hope to get a bit more security in IoT.

~~~
Fnoord
That seems like security through obscurity.

I have other hopes to get IoT more secure. Open source firmware, for starters.
Support contracts where you don't buy the hardware but buy a working (and
insecure isn't working) device.

The problem with IPv6 is that it is a chicken-egg problem. Those who get CGNAT
plus native IPv6 are part of the unfortunate bunch who are not using native
IPv4 (and therefore miss out on certain IPv4-only services). Meanwhile, the
IPv4-only services are causing issues for CGNAT. The logical conclusion is
that everyone who currently offers IPv4-only should (and should've been)
focusing on adopting native IPv6 dual stack. The continuous procrastination,
out of greed and egocentric thinking, is what caused the current situation in
the first place.

My ISP tried to shove CGNAT with native IPv6 through my throat. My modem was
unstable. BitTorrent didn't work well anymore. I could not use services over
LTE anymore (my LTE provider, actually same provider as my cable, used
IPv4-only back then; don't know now). I relied on that to work. So they gave
me what I had before: IPv4 only. Why not dual stack first?

~~~
cm2187
Having to guess a 128bit AES key is also security through obscurity then!

Though it doesn't give any protection against local scanning.

~~~
BrandoElFollito
I was about to comment exactly that.

This is security by realistic approximation of compute capacities and basic
probability math.

Aka. good security

------
LIV2
It would be nice if the Aussie broadband market would start enabling IPv6 but
the pessimist in me thinks they'll just turn on CG-NAT and call it a day.

Since most consumers don't care, and CG-NAT bandaids the problem I don't see
how the market will be motivated to spend the time/money to bring us IPv6.
We're probably going to be stuck with shitty bandaid solutions for a while

~~~
danpalmer
I’m visiting Australia at the moment and the state of internet connectivity in
central Melbourne is pretty poor.

Very slow internet at my AirBnBs, generally very poor WiFi availability and
speeds in public, the co-working space I’m in (that is otherwise excellent) is
a similar speed to my home connection in London.

Above all, latency makes some websites considerably less pleasant to use, and
SSH to most places is painful. I know that’s not something the local market
can necessarily fix though.

~~~
koyote
As someone who moved to Australia from London, I can confirm: the latency is
the real killer.

I'm one of the few lucky ones with FTTP which gets me close to 100mbit speeds.
But as soon as I have to connect to a server outside of Oz I am pretty much
back to (high) ADSL speeds. Latency to the US and Singapore (the two closest
international backbones) is around 150-200ms. It's around double that for
Europe. At peak times those backbones get very congested.

Funnily the only country I've been to that has faster and more consistent 4g
was Japan.

~~~
danpalmer
100MB is still not great for business premises. At home in London I'm on 80MB
fibre, and get ~76MB during peak times. At work in London we have 1GB (and
typically get 1.2GB) between ~80 people. This co-working space is ~85MB for a
similar number of people.

------
nik736
This has nothing to do with native IPv6. They are putting 1000s of customers
behind one single IPv4 address which is a nightmare for everyone involved
(think about port forwarding not working anymore, etc.)

~~~
AstralStorm
What makes you think they'll use just one address and not a pool?

~~~
nik736
I didn't say they were using just one address. I was saying they are putting
100s or 1000s of customers behind one single address (which is happening in
Europe for years already, with UPC for example). Of course they have several
IPv4 addresses.

------
rstuart4133
I don't have much sympathy. What I read is an ISP saying "gee, all those IPv4
addresses we use internally are costing us a mint, whatever shall I do?".

I see lots of comments here about the merits of IPv4 v IPv6 v CG-NAT. That's
all irrelevant. Aussie Broadband, like all Australian ISP's, provide their
customers with a router configured to do NAT. If like me you don't want that
your on your own you are better off purchasing your own gear. They won't
support you, but at least you will be familiar with it. For some ISP's like
Optus you have no choice - they've crippled the firmware in their routers so
you can't change it.

Given the router is doing NAT they can use any carrier. And indeed, some
Australian NBN ISP's use IPv4/DHCP, some use PPPoE and others were at one
point doing QinQ and of course for pre-NBN ADSL connections it was ATM.
Whatever, if your router is doing NAT it doesn't doesn't effect the customer
one way or the other. IPv6 is a perfectly reasonable choice for a carrier in
those circumstances, and for bonus points it means you can give your customer
routeable IP addresses. (It would simplify my home setup considerably.) And it
doesn't use a single paid for IPv4 for internal routing!

As for the hand wringing about the price - we've known this was coming for
decades. We've figured out the solution and it's been available for purchase
for years. They've almost certainly replaced their gear at least once in those
years. They definitely replaced the routers they've handed out to customers
because of the NBN rollout. If they didn't replace it with something IPv6
capable that's piss poor planning - particularly so because unlike most
countries the NBN roll out gave Australian ISP's the perfect opportunity to do
it.

------
jolmg
Sometimes I worry if ISPs aren't incentivized to chose IPv6 over just having
CG-NAT. Of the ISPs that are available in my area, some are doing just CG-NAT
and no IPv6.

------
CaliforniaKarl
I have Comcast cable Internet in California. I own my own cable modem, and my
own router (an Asus RT-AC68U).

Over a year ago, I decided to check out if I could do IPv6. And indeed I
could! I am now getting a dynamically-allocated /64 block, which is used to
make allocations to my desktop and my phone. From my perspective, IPv6 just
works!

I hope, in two or so years, they come back to the same conference with a
report of how much traffic has moved to IPv6.

------
cm2187
In the UK, BT officially enabled IPv6 but it is a "maybe" IPv6. Sometimes it
is enabled, sometimes not. It is 2019....

~~~
rwmj
My advice would be get a better ISP. I have rock solid IPv6 here in the UK
with a /48 and a RIPE record.

~~~
cm2187
Unfortunately where I live there is only one fibre to the premise provider and
that's not going to change. I don't care about IPv6 enough to swap fibre to
the premise for DSL.

~~~
isostatic
Doesn't your FTTP provider give IPv6 then?

I have a BT Openreach fibre, and A&A give IPV6, and several v4s

~~~
cm2187
I use BT openreach too. They do but as I said patchy connectivity. I see that
when I run nslookup in windows which isn't smart enough to fall back to IPv4
DNS when v6 is not reachable. It seems to be on and off.

~~~
isostatic
You're on A&A and getting patchy connectivity?

~~~
cm2187
I am on BT openreach. What is A&A?

I get patchy v6 connectivity. v4 is stable.

~~~
rwmj
[https://www.aa.net.uk/](https://www.aa.net.uk/) I'm using it and get rock
solid IPv6. Also they have actual people who know what they are doing manning
the phones.

