this post was submitted on 26 Jun 2024
66 points (73.2% liked)

Unpopular Opinion


Basically what the title says. Here's the thing: address exhaustion is a solved problem. NAT already took care of this via RFC 1631. While initially presented as a temporary fix, anyone who thinks it's going anywhere at this point is simply wrong. Something might replace IPv4 as the default at some point, but it's not going to be IPv6.

And then there are the downsides of IPv6:

  • Not all legacy equipment likes IPv6. Yes, there's a lot of it out there.
  • "Nobody" remembers an IPv6 address. I know my IPv4 address, and I'm sure many others do too. Do you know your IPv6 address, though?
  • Everything already supports IPv4
  • For IPv6 to fully replace IPv4, practically everything needs to move over. De facto standards don't change very easily. There's a reason why QWERTY keyboards, ASCII character tables, and E-mail are still around, despite alternatives technically being "better".
  • Dealing with dual network stacks in the interim is annoying.

Sure, IPv6 is nice and all. But as an addition rather than as a replacement. I've disabled it by default for the past 10 years, as it tends to clutter up my ifconfig overview, and I've had no ill effects.

Source: Network engineer.

[–] elgordino@fedia.io 53 points 1 year ago

43% of Google traffic is now ipv6 and steadily growing

https://www.google.com/intl/en/ipv6/statistics.html

CGNAT is only a temporary band aid for reaching services that are yet to present themselves on IPV6. It’s relatively expensive to operate.

IpV6 might be largely pointless on a LAN, and sure NAT is fine there, but ipv6 is already running large chunks of the world’s mobile infrastructure. It’s not going anywhere.

[–] Boozilla@lemmy.world 27 points 1 year ago* (last edited 1 year ago) (6 children)

Upvote for semi-unpopular opinion.

I think you're wrong about the shortage being 'solved' by NAT. NAT is great for LAN and WAN in the developed world, but there are billions of folks in remote developing areas where it's not much help. It also severely limits the big chunks of address spaces that can be allocated to business, universities, governments, etc. It is not a trivial problem waved away by NAT.

I think it will continue to be a very gradual but relentless rollout of IPv6. Not saying it will be fast. But 30 years from now, if we haven't destroyed civilization, I suspect IPv4 will be a quaint relic. And IPv6 will never run out of addresses.

[–] undefined@links.hackliberty.org 21 points 1 year ago

This whole debate is so tired. Just use IPv6, it’s 2024 and it’s so fucking easy these days.

[–] geekwithsoul@lemm.ee 13 points 1 year ago

I think you’re going to be surprised

Source: ARIN

[–] shortwavesurfer@monero.town 13 points 1 year ago (1 children)

I have actually found IPv6 simpler to set up and manage than I thought it would be. As I run at least one or two internet facing services from my home network, which I cannot do with IPv4 because my ISP is fully CGNAT. I even successfully set up my own static IPv6 address on my server so that I can just point my domain name at it and then anything I need I can just hit my domain and it will give the IP address instead of me having to remember it.

[–] AA5B@lemmy.world 1 points 1 year ago

Granted I have very simple requirements, so it does seem pretty easy, except

  • there are still too many devices that don’t support it
  • too many ISPs don’t support it, including mine

So switching to IPv6 means running dual stack and setting up a tunnel, and I probably need to relearn firewalls. I’m not sure any of those are very difficult but it’s enough, especially since there’s no clear win here

If Matter-Thread ever gets off the ground that would help: most of my newer IPv4-only devices are home automation so switching to an IPv6-based protocol should finally make that happen

[–] calamityjanitor@lemmy.world 12 points 1 year ago* (last edited 1 year ago)

IPv6 isn't just larger addresses, it was meant to totally remove the need for layer 2 / MAC addresses, bus networks, DHCP, and broadcasts. Since the plan was to get rid of the 12 byte ethernet header, the 24 byte increase in IP addresses would only be a 12 byte increase in header at the end of the day. WiFi wouldn't need three MAC addresses in every packet. IPv6 only achieves its true potential with a complete switch over.

I personally don't think that can ever happen. The opportunity to switch everyone over is absolutely long gone. IPv6 isn't an extension of v4 or a compatible replacement, like ASCII to UTF-8. It's more like X to Wayland. The protocol authors went "This is a mess we gotta rethink this from scratch". But there's so much already relying on the old protocol, and replacing it with something that doesn't perfectly match features is difficult for little reward for users.

The increase in IPv6 nodes has mostly been due to mobile networks. The tragedy is they actually still mostly use layer 2 and bridge networking. Neither IPv4 nor v6 can handle maintaining connections while addresses change. So they set it up so that you keep the same IP address as you travel and move between different towers. This is done with massive virtual layer 2 LANs across towers, with the IP routing happening at a central datacentre. IPv6 is simply used for the larger addresses, and none of the network/protocol simplifications it promised can be used.

[–] BradleyUffner@lemmy.world 11 points 1 year ago

You say that something may replace IP4, but it won't be IP6, then you list a lot of reasons why it can't be IP6, except all those reasons would apply to whatever that something is also.

[–] brian@programming.dev 10 points 1 year ago

Why would I need to remember an ip address if I have a hostname? I don't know my ipv4 anywhere since it's all dynamic.

Standards like those change just fine. Sure some stuff uses ascii still, but almost everything I encounter is unicode. Email has had so many things added on over the years that that's not a fair comparison either. Other countries have plenty of kb layouts that are more popular locally than qwerty but came afterwards.

At some point ipv6 will be the default and we'll just use compatibility layers to access ipv4 only things. We don't need every device on board, just the ISPs

[–] muntedcrocodile@lemm.ee 10 points 1 year ago

If I had a nickel for every time I've seen ipv6 hate this week I'd have 2 nickels, which isn't much but it's weird that it happened twice.

The only reason I can think of to dislike ipv6 is if I was an authoritarian who hated the p2p capabilities it provided.

Also go watch apalrd's video on ipv6 migration u know u can actually spell words in ur ipv6 address.

[–] JesterIzDead@lemm.ee 8 points 1 year ago (1 children)

So then this is actually a popular opinion? ;)

[–] neidu2@feddit.nl 1 points 1 year ago (1 children)

More popular than I anticipated, but at least somewhat controversial based on the vote ratio.

[–] blackstrat@lemmy.fwgx.uk 7 points 1 year ago (2 children)

I posted this elsewhere a few days ago. I don't think IPv6 can do what I require of a basic home network, let alone a large enterprise...

I gave it a really good shot at implementing this past week. I spent 3 days getting up to speed, reading loads and trying various different things. But I am now back to IPv4 only because I just can't get IPv6 to do what I want and no amount of searching has made me think what I want to do is even possible.

Some background about the IPv4 network I run at home: I run opnsense on a Proxmox server. I have a few services publicly available using port forwarding. I run several VLANs for IoT, VoIP, Cameras etc. I use a bunch of firewall rules that are specific to client devices on the network. So for example I have a rule that blocks YouTube from the kids' tablets and the TV. I have a special rule around DNS for the wife as she doesn't want to use the pihole blocking features. These rules are made possible because the DHCP server is set to give them a fixed IP and I can create a firewall alias and rule based on that.

None of these things on my existing network are particularly difficult to configure, they run really well.

What I want from IPv6 is:

  1. All devices to use IPv6 including android devices.
  2. To have the same firewall rules configured and not have them be easily bypassed.
  3. To use privacy addresses as I don't want to make every device uniquely trackable over the internet.
  4. To be able to cope with changes to the ISP provided /48 prefix seamlessly.
  5. Have internal DNS make accessing intranet devices easy.
  6. To ensure the privacy of individual devices on my network by avoiding individual device tracking.

What I've tried:

  1. Using DHCPv6, but this excludes android devices. So that's out.
  2. Using a NAT (to avoid tracking of individual devices) and fd00::/8 addresses, but this is pointless as those addresses are lower priority than IPv4 (FFS!)
  3. SLAAC just seems a non-starter.

Additional: I don't think I have a problem with "thinking about it all wrong for IPv6". I may have a skill issue, hence this question.

As far as I can tell to achieve requirement 1) you must use SLAAC. SLAAC without privacy extensions doesn't allow for 6).

Changes to external ISP prefix assignment impacts MY INTERNAL NETWORK (this just seems insane). And as far as I can tell there's no easy way around this, especially if I have static addresses configured for servers which would (if using SLAAC) have to be manually configured.

I can't see how DNS would be updated either, either Unbound running on Opnsense, or to the pihole. If I go for SLAAC with privacy extensions and I keep paying for a static IP (v4 & v6) to my ISP then I can't implement any firewall rules for specific devices as devices will change their IP regularly. And it's even worse if I don't pay for a static IPv6 prefix.

I don't think anything I'm trying to do is particularly strange or unusual but 26 years after its introduction I don't see that IPv6 can meet these requirements. And one of the leading firewall routers, especially in the homelab doesn't have answers to these questions either.

Can you suggest a way to meet all 6 requirements I have with IPv6?

[–] Coelacanthus@infosec.pub 0 points 1 day ago* (last edited 1 day ago) (1 children)

> If I go for SLAAC with privacy extensions and I keep paying for a static IP (v4 & v6) to my ISP then I can't implement any firewall rules for specific devices as devices will change their IP regularly. And it's even worse if I don't pay for a static IPv6 prefix.

I don't know which firewall software you used. But if you use nftables, which supports suffix match and conntrack for TCP/UDP, you can block all new (identified by conntrack) incoming connections (since privacy extensions are designed for outgoing ones) and allow incoming connections with a specific suffix (for SLAAC with EUI-64, it will be stable), without needing to care about which prefix is used.

[–] blackstrat@lemmy.fwgx.uk 1 points 16 hours ago (1 children)

I'm using opnsense. Can't say I followed your description. Sounds far more complicated than "use NAT", which would solve almost everything.

[–] Coelacanthus@infosec.pub 1 points 15 hours ago

Actually it's simpler than "NAT", technically. Normally when we say "NAT", it's not just NAT (Network Address Translation), but a NAT plus a stateful firewall (see documents below). The conntrack here is a stateful firewall as in "NAT". And compared to creating a map from (paddr, pport) to (iaddr, iport) and matching the latter, it's simpler to just match the suffix of the address.

https://datatracker.ietf.org/doc/html/rfc4787

https://tailscale.com/blog/how-nat-traversal-works
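
The rule described in the two comments above, modelled as an added example that is not part of the thread or of any firewall's own code: inbound packets are accepted when they belong to a connection the LAN opened, or when they are new and the destination's low 64 bits match an allow-listed EUI-64 suffix. The MAC address, the 2001:db8:: addresses and all function names are constructed for illustration.

```python
import ipaddress

IID_MASK = (1 << 64) - 1  # low 64 bits of an IPv6 address: the suffix


def eui64_iid(mac: str) -> int:
    """Modified EUI-64 interface identifier that SLAAC derives from a MAC."""
    b = bytearray(int(octet, 16) for octet in mac.split(":"))
    b[0] ^= 0x02  # flip the universal/local bit
    return int.from_bytes(bytes(b[:3]) + b"\xff\xfe" + bytes(b[3:]), "big")


def suffix_matches(addr: str, iid: int) -> bool:
    """True if addr ends in iid, whatever the /64 prefix currently is."""
    return int(ipaddress.IPv6Address(addr)) & IID_MASK == iid


def inbound_verdict(dst: str, ct_state: str, allowed_iids: set) -> str:
    """Verdict for a packet arriving from the WAN side."""
    if ct_state in ("established", "related"):
        return "accept"  # reply to a connection a LAN host opened
    if ct_state == "new" and any(suffix_matches(dst, i) for i in allowed_iids):
        return "accept"  # published service, matched on suffix only
    return "drop"        # unsolicited traffic to anything else


# Constructed sample data (documentation prefix 2001:db8::/32).
SERVER_MAC = "52:54:00:12:34:56"
ALLOWED = {eui64_iid(SERVER_MAC)}
OLD_PREFIX_ADDR = "2001:db8:1:10:5054:ff:fe12:3456"     # server, old ISP prefix
NEW_PREFIX_ADDR = "2001:db8:ffff:10:5054:ff:fe12:3456"  # server, new ISP prefix
TEMP_ADDR = "2001:db8:1:10:9c1e:4b7a:22d0:8f31"         # a client's privacy address

if __name__ == "__main__":
    for dst, state in [
        (OLD_PREFIX_ADDR, "new"),
        (NEW_PREFIX_ADDR, "new"),
        (TEMP_ADDR, "new"),
        (TEMP_ADDR, "established"),
    ]:
        print(f"{state:12} -> {dst:40} {inbound_verdict(dst, state, ALLOWED)}")
```

A host that uses RFC 7217 stable-privacy addresses derives its suffix from the prefix, so its suffix changes when the ISP prefix changes; the suffix match suits EUI-64 or manually assigned suffixes.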

[–] Lem453@lemmy.ca 1 points 1 year ago (1 children)

But why? What benefit does ipv6 bring to a home network that ipv4 doesn't have?

As you said everything is already setup well with ipv4 so why change it?

[–] blackstrat@lemmy.fwgx.uk 1 points 1 year ago (1 children)

I'd read a lot of people saying how good and easy IPv6 was and I thought I'd use it as an opportunity to learn about it.

But turns out the only thing it does is give everything a public IP because the creators were so obsessed about getting rid of NAT. Nothing else seems to have been thought through.

There are IETF mailing list threads where no one has a clue as to why it's not being adopted, including one where they discover their own RFC is inconsistent with itself and that's the reason why IPv4 is given higher priority than fd00::/8. You can tell how half baked it is when you look at the number of revisions, additional protocols that have been added decades after it was initially proposed.

Their hatred of NAT seems to drive everything, but for most home and business users NAT is a great feature that drives so much simplicity by keeping your private networks private and independent of the rest of the internet.

[–] Cort@lemmy.world 2 points 1 year ago (1 children)

Yeah, NAT is great for home users. Unless your ISP is also using (carrier grade) NAT. Then you're fucked by double NAT and have to call your ISP every time you want to forward a port.

[–] blackstrat@lemmy.fwgx.uk 2 points 1 year ago

Obviously with IPv6 there'd be no need for CGNAT. But NAT within each household or business is useful.

[–] halcyoncmdr@lemmy.world 7 points 1 year ago (1 children)

Only real world advantage of IPv6:

::1 vs 127.0.0.1

[–] GiveOver@feddit.uk 1 points 1 year ago (1 children)

Please tell me there's something similar for 192.168.0.1

[–] halcyoncmdr@lemmy.world 1 points 1 year ago

Well, there are actually 3 private address ranges in IPv4.
10.0.0.0 – 10.255.255.255 (10.0.0.0/8)
172.16.0.0 – 172.31.255.255 (172.16.0.0/12)
192.168.0.0 – 192.168.255.255 (192.168.0.0/16)

For IPv6 the rough equivalent is a Unique Local Address.
fc00::/7

[–] noxy@yiffit.net 7 points 1 year ago

it's been the default for my smartphone for years. (t-mobile)

[–] Oisteink@feddit.nl 6 points 1 year ago* (last edited 1 year ago)

While the hype is less these days, there's more and more that's connected with ipv6. While I don't use it in my home-lab, there's advantages besides nat.

You don't need ipv4 for intent based networking/firewalls, and I guess as a network engineer you know this is the new buzzword for selling equipment.

Source: I pay network engineers and architects

[–] invertedspear@lemm.ee 6 points 1 year ago

I took my first college network engineering class in the fall of 2000. The professor was retired from the profession and nearly retired as a professor, but so excited about this cool new thing that was coming. “IP addresses are running out. Imagine an addressing system capable of generating a unique address for every blade of grass on the planet. In a few years you’ll need to learn this new system.” I’m sure he’s passed on by now. And I’m sure IPV4 will outlive me.

[–] someguy3@lemmy.world 5 points 1 year ago (1 children)

Is this one of those cases where it takes 20 years for equipment to turn over, so why not just do it?

It's like any new car requirement, it takes 20+ years for the car fleet to turn over, but it's worth it.

[–] neidu2@feddit.nl 1 points 1 year ago (1 children)

IPv6 was introduced 26 years ago, so it will have to be longer than that

[–] someguy3@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

That's a very literal read of the concept I was trying to put forward.

[–] corroded@lemmy.world 3 points 1 year ago* (last edited 1 year ago) (1 children)

I have a decently-sized homelab, and a large home network. I also have IPv6 disabled everywhere. Compared to a normal home network, my config is very complex. (Extensive firewall and routing rules, multiple gateways, multiple subnets and VLANs, inbound traffic filtering, and plenty more.) With the exception of VLANs, IPv6 would require reconfiguring EVERYTHING. What's the advantage?

[–] BearOfaTime@lemm.ee 2 points 1 year ago

Bingo!

Now consider a large business with dozens or hundreds of network devices.

Uggh, the challenges.

New infra will likely have IP6 enabled, and they'll slowly switch.

[–] xia@lemmy.sdf.org 3 points 1 year ago* (last edited 1 year ago)

AFAIK, IPv6 does not truly address the router memory concern. With so many more addresses and more bytes-per-address in the tables, I imagine it's only a matter of time till we are back to such fundamental woes as "where does this packet go"... but I suppose that is limited by the rate that people buy and move ipv6 address blocks.

[–] Dexx1s@lemmy.world 0 points 1 year ago

There's been only one real purpose of v6 that I've seen being the reason to switch: v4 running out of available addresses. Never seen anything else about v6 being used as any kind of reason to switch. So the only reason we'd ever go over to v6 is because we have to, not because we want to.
