Now currently I’m not in the workforce, but in the past from my work experience, apprenticeship and temp roles, I’ve always seen ipv4 and not ipv6!

Hell, my ISP seems to exclusively use ipv4 (unless behind nats they’re using ipv6)

Do you think a lot of people stick with the earlier iteration because they have been so familiar with it for a long time?

When you look at a ipv6, it looks menacing with a long string of letters and numbers compared to the more simpler often.

I am aware the IP bucket has gone dry and they gotta bring in a new IP cow with a even bigger bucket, but what do you think? Do you yourself or your firm use ipv4 or 6?

  • @mspencer712@programming.dev
    link
    fedilink
    563 months ago

    Mostly I’m scared I’ll write a firewall rule incorrectly and suddenly expose a bunch of internal infrastructure I thought wasn’t exposed.

  • @nick@midwest.social
    link
    fedilink
    563 months ago

    Cloud infra engineer here.

    Answer: I don’t think about it. Nothing fully supports it, so we pretend it doesn’t exist.

    • kamenLady.
      link
      fedilink
      163 months ago

      That’s exactly my experience with it.

      Some certificates are even annoyed by IPv6 and they won’t install until i remove any trace of it from the DNS. This should also pretty much be the only occasion I’m forced to deal with IPv6, instead of glancing over it while working on the server configs.

      • @nick@midwest.social
        link
        fedilink
        43 months ago

        Well if you want to be the one who retrofits google cloud to support it more widely, go to town. But I’m sure as hell not going to bother, I have other work to do. And also I don’t work at google.

  • @Sundial@lemm.ee
    link
    fedilink
    343 months ago

    People still use IPv4 because companies are slow to adopt new technologies. They see it as a huge money drain and if there is not a visible or tangible benefit to it then they won’t invest in it. IPv6 is definitely a growing technology, it’s just taking it’s sweet time. For reference, currently the IPv4 has just under a million routes in the global routing table while IPv6 has ~216K routes. About 5 years ago it was something like 100K for IPv6 and not much has changed for IPv4.

    I personally do not like the addressing of IPv6. It’s not just the length, but now you have to use colons instead of period to separate the octets which leads to extra key strokes since I have to hold shift to type in a colon. It’s a minor thing, but when networking is your bread and butter it adds up.

    There are also some other concerns with IPv6. Since IPv6 tries to simplify routing by doing things like getting rid of NATing it also opens us up to more remote attacks. It used to be harder to target a specific user or PC that’s behind a NATed IP but now everything is out in the open. I’m sure things will get better as more and more people use it and there will be changes made to the protocol however. It’s just the natural evolution of technology.

    I am very surprised to hear your ISP is not using IPv6. Seems like they’re a little behind the times. Unless they just don’t offer it to residential customers, which is still a bit behind the times too I guess.

    • WheelchairArtist
      link
      fedilink
      28
      edit-2
      3 months ago

      Iv6 doesn’t try to simplify routing and remove nat. that’s just how things work. Nat is a workaround for ipv4.

      Ipv6 is around since 1998. that’s not slow to adopt, at that point it is just plain refusal from some because of the costs you mentionend

      • @Sundial@lemm.ee
        link
        fedilink
        163 months ago

        Ipv6 does simplify routing. It has less headers and therefore less overheard. IPv6 addressed the necessity of NAT by adding an obscene amount of possible IPs. Removing the necessity of NAT also simplifies routing as it’s less that the router has to do.

        Ipv6 as a concept was drafted in the 90s. It didn’t start actually being seriously used until ~2006/7ish.

        • WheelchairArtist
          link
          fedilink
          63 months ago

          IPv6 addressed the necessity of NAT by adding an obscene amount of possible IPs

          that is correct but doesn’t change the fact that nat came afterwards as a workaround und now the ip stack goes back to it’s roots without a nat workaround.

          It didn’t start actually being seriously used until ~2006/7ish.

          true but still nowadays it isn’t even slow anymore just refusal

          • @Sundial@lemm.ee
            link
            fedilink
            23 months ago

            that is correct but doesn’t change the fact that nat came afterwards as a workaround und now the ip stack goes back to it’s roots without a nat workaround.

            And the end result is a simplification for routing.

            true but still nowadays it isn’t even slow anymore just refusal

            That’s just the pace of large scale adoption of new technology. Look at some of the technologies the banking and financial industry uses as an example (ISO 8583 is a great example). ISP’s still support T1 circuits as well.

        • @SkyNTP@lemmy.ml
          link
          fedilink
          -33 months ago

          There are other benefits of NAT, besides address range. Putting devices behind a NAT is hugely beneficial for privacy and security.

          • @tc4m@lemmy.world
            link
            fedilink
            143 months ago

            NAT is not a security feature. Your firewall blocks incoming traffic, not NAT. It introduces new complexity that now needs to be solved.

            In corpo environments you have to struggle with NAT traversal for VoIP communication.

            In home networks “smart” devices attempt to solve it with shit like uPnP and suddenly you get bigger holes in your network security than before. You could find countless home network printers on shodan because of this. Even though (or maybe because) they were “behind” NAT.

          • @chris@l.roofo.cc
            link
            fedilink
            English
            123 months ago

            IPv6 has temporary IPs for privacy reasons. NAT is NOT a firewall. Setting up a real firewall is more secure and gives you more control without things like UPNP and NAT-PMP.

      • @Eyron@lemmy.world
        link
        fedilink
        English
        13 months ago

        Time isn’t the only factor for adoption. Between the adoption of IPv4 and IPv6, the networking stack shifted away from network companies like Novell to the OSes like Windows, which delayed IPv6 support until Vista.

        When IPv4 was adopted, the networking industry was a competitive space. When IPv6 came around, it was becoming stagnant, much like Internet Explorer. It wasn’t until Windows Vista that IPv6 became an option, Windows 7 for professionals to consider it, and another few years later for it to actually deployable in a secure manner (and that’s still questionable).

        Most IT support and developers can even play with IPv6 during the early 2000s because our operating systems and network stacks didn’t support it. Meanwhile, there was a boom of Internet connected devices that only supported IPv4. There are a few other things that affected adoption, but it really was a pretty bad time for IPv6 migration. It’s a little better now, but “better” still isn’t very good.

    • @zurohki@aussie.zone
      link
      fedilink
      English
      73 months ago

      IPv6 has a policy of throwing more address space at stuff to make routing simpler, though.

      IPv4 will individually route tiny slices of address space all over the world, IPv6 just assigns a massive chunk of space in the first place and calls it a day.

  • davel [he/him]
    link
    fedilink
    English
    29
    edit-2
    3 months ago

    I think djb was right, over twenty years ago: The IPv6 mess

    The IPv6 designers made a fundamental conceptual mistake: they designed the IPv6 address space as an alternative to the IPv4 address space, rather than an extension to the IPv4 address space.

    There was an alternative proposal that was backward-compatible with IPv4, but I’ve forgotten the name now.

    • Scrubbles
      link
      fedilink
      English
      243 months ago

      Oh man, that would have been so great. Think of all the networking stacks that could have just been silently upgraded. Just some letters/numbers appended to the front or back. If you only get x bytes then prepend with zeroes. Adoption would have been mostly transparent.

  • We turn it off in our office. It doesn’t benefit us.

    You could also make the argument that ipv4 through NAT is better for privacy since it obfuscate what, and how many devices are connected to where.

    • @tunetardis@lemmy.ca
      link
      fedilink
      English
      133 months ago

      When I was first looking into IPv6, people were talking about how you can self-assign an address by simply wrapping an IPv6 address around your MAC address. But that practice seems to have fallen out of favour, and I’m guessing the reason is, as you say, the whole privacy thing? There’s a lot of pushback these days against any tech that makes it easier to fingerprint your connection.

      • @perviouslyiner@lemmy.world
        link
        fedilink
        9
        edit-2
        3 months ago

        That was so insane - “we need a unique number, let’s just use the MAC” - it was like people didn’t even think through any of the implications when making ipv6 address schemes.

        Similar with the address proposals that ignored the need to minimise the size of core internet routing tables.

        • @just_an_average_joe@lemmy.dbzer0.com
          link
          fedilink
          English
          23 months ago

          Noobie question, wouldn’t the ISP decide what your outgoing IPv6 address is? Like they do with IPv4? I mean no matter how many times I restart my router, my public IP remains the same so I always thought it was assigned by them.

            • @saiarcot895@programming.dev
              link
              fedilink
              English
              13 months ago

              For reference, in the US, Comcast only gives up to a /60 for residential connections. It’s still fine for most use cases, but it does feel a bit like doing a bit of penny pinching when you’re wondering if you have enough /64’s for how your network is going to be set up.

                • @saiarcot895@programming.dev
                  link
                  fedilink
                  English
                  13 months ago

                  Yeah, fortunately, for my own use cases, /60 is enough, but I can’t think of a good reason for Comcast to not give out /56 since they’re pretty cheap compared to IPv4.

    • @zurohki@aussie.zone
      link
      fedilink
      English
      73 months ago

      IPv6 has privacy addresses, though. Stuff on my network generates a new random address every day and uses that address for outgoing connections, so you can’t really track individual devices inside my network.

      • @fuckwit_mcbumcrumble@lemmy.dbzer0.com
        link
        fedilink
        English
        03 months ago

        You can just look at what addresses from that range have left the network in any given 24 hour window.

        If AAAA is constantly reaching our to aussie.zone one day, and the next day AAAB is reaching out to that address you can pretty easily connect the dots.

    • @tetris11@lemmy.ml
      link
      fedilink
      13 months ago

      CGNAT is a feature – organizations tracing an IP back to source have to play bingo with a host of households who may / may not have downloaded that 1 torrent.

  • @Xanvial@lemmy.world
    link
    fedilink
    213 months ago

    Just annoyed when I need to specify port when using IPv6. Needs to add square bracket to workaround ambiguity of colon is kinda bad. How can they decide to use colon instead of another special character??

  • Todd Bonzalez
    link
    fedilink
    203 months ago

    I have IPv6 at home, at work, on my phone, and my hotspot. I have them on my websites and servers. IPv6 is everywhere for me. I use it all the time. Most people do and don’t even realize it.

    IPv4 still reigns supreme on a LAN, because you’re never going to run out of addresses, even if you’re running an enterprise company. IPv6 subnets are usually handed out to routers, so DHCPv6 can manage that address space and you don’t need to know anything unless you’re forwarding ports on IPv6.

    For the Internet, just use hostnames. There’s literally zero reason to memorize a WAN address when it could be an A/AAAA record.

  • Company currently uses IPv6! For awhile firewall rules kept biting us as we’d realize something worked in ipv4 but not IPv6 but now I forget it’s even a thing really.

    I once paid for a vpc host that was exclusively IPv6 and was shocked how many things broke. I was using it for a discord bot and the discord api didn’t even properly support IPv6 …

  • @esc27@lemmy.world
    link
    fedilink
    18
    edit-2
    3 months ago

    IPv6 is now twice as old as IPv4 was when IPv6 was introduced. 20 years ago I worried about needing to support it. Now I don’t even think about it at all.

  • @nutsack@lemmy.world
    link
    fedilink
    17
    edit-2
    3 months ago

    a teammate implemented it because he thought it would be a good resume project. it added more maintenance work to a lot of pieces, forever. there is no measurable benefit to the business

  • @darklamer@lemmy.dbzer0.com
    link
    fedilink
    143 months ago

    Both my employer and my home ISP use IPv6 since many years now and so does all my own stuff, it’s wonderfully convenient to have a globally unique address for everything that I connect to the network.

  • @PetteriPano@lemmy.world
    link
    fedilink
    133 months ago

    IPv6 was “just around the corner” when I was studying 20+ years ago. I kept a tunnel up until the brokers shut down.

    I’ve been hosting some big (partly proprietary) services for work, and we’ve been IPv6 compatible for a decade.

    My ISP finally gave me native IPv6 earlier this year, which gave me the push to make sure my personal hosting does IPv6 as well. Seems like most big players services support it today. It’s nice to not have the overhead that CGNAT brings.

    IPv6 got a bit of a bad reputation when operating systems defaulted to 6to4 translation but never actually managed to work.

  • @TORFdot0@lemmy.world
    link
    fedilink
    English
    123 months ago

    A lot of networks were designed with ipv4 and NAT in mind. There really isn’t a cost benefit to migrate all your DHCP scopes, VLANs, Subnets, and firewall rules to IPv6 and then also migrate 1000’s of endpoints to it.

    Much cheaper to just disable ipv6 entirely on the internal network (to prevent attacks using a rogue dhcpv6 server etc) and only use ipv6 on your WAN connections if you have to use it.

  • @wizardbeard@lemmy.dbzer0.com
    link
    fedilink
    English
    113 months ago

    With NAT existing, I’m not sure there’s a significant reason to switch anymore.

    Plus the “surprise” privacy and security benefits of just… not having every network connected device directly addressable by anyone else on the global network. The face of the internet and networking in general, plus the security and safety concerns around it, have changed dramatically since v6 was first created.

    • @tc4m@lemmy.world
      link
      fedilink
      143 months ago

      NAT is just security by obscurity and actually not really security at all. What’s protecting you from incoming scans, etc is your network firewall. That firewall works just the same for IPv6. Blocking incoming traffic for your home network is usually the default setting in your ISP issued router anyway.

      Working as a network engineer, NAT in a large scale customer environment can quickly devolve into a clusterfuck. Many times we had week long reachability issues due to intermediate ISPs NATing unexpectedly.

      My nemesis is GCNAT, which adds another layer of NAT because some ISPs don’t have enough public IP space for all their customers to go around.

      I have a customer where their ISP just assigned one of their locations public IPv4 addresses. Neither the customer, nor the ISP owned that address space. Their logic was that this address space is registered on a different continent, so it’s basically fair game to use it themselves. Granted, they only route it internally for a MPLS network, but still…

      What I’m getting at is that NAT increases complexity and breaks properly routed end to end connections. Everyone kinda fucks up with NAT, especially ISPs (in my opinion anyway).

      I can really recommend the IPv6 study material from the major internet registries (took the v6 courses from RIPE NCC myself).

      IPv6 is so much simpler for subnetting, writing firewall rules,… IMO the addresses just look kinda clunky.

      • davel [he/him]
        link
        fedilink
        English
        43 months ago

        NAT is just security by obscurity and actually not really security at all.

        “Security” was not the purpose of NAT. That was just a side effect that became overly relied on out of convenience.