IPv4 is definitely a large part of the blame for this and we need to start resting the blame there in hopes we force these companies (and their users) to actually use it. We need ISPs to support it, of course for end users, but at the enterprise level everything should be IPv6. It should have been IPv6 a decade ago, or more.
We need to start talking about IPv6 as something that is here and now, not some far off future.
IMHO, the biggest issue is setup for SOHO users. Routers for that market have gotten the IPv4 setup wizard process down pretty good. With IPv6, there’s like three different ways your ISP might have set it up, and you need to tell your router which way to go. It’s complicated enough that even people with a solid understanding of IPv4 can be confused trying to figure out what works.
The first time I tried to setup IPv6 on OPNsense, Android phones thought they couldn’t connect to the Internet after getting on WiFi. Something about the endpoint they check for Internet access wasn’t going through. I backed out some settings, and something fixed it, but I’m still not sure what.
I was learning IPv6 in second year Network & Télécom, in 1997. We were running out of IPs back then.
Then we invented proxies and NAT and things got better and nature took its course (it ain’t broke? Don’t fucking touch it).
Sure, nature took its course, but did NATs make things better? I’m a game dev and getting two computers to talk to each other is so so much harder due to NAT traversal, requiring punchthrough servers. Voice chat and stuff need STUN/TURN servers. A game has to account for “what if my host wants to connect two clients, one of which within the NAT and one without?”
Makes far more sense to give every device an address and just talk to it and leave security and port openness up to firewalls.
getting two computers to talk to each other is so so much harder due to NAT traversal
… which is why you will take IPv4 on my home network from my cold, dead hands, and why all IPv6 traffic is blocked in the network that hosts my PC/laptop
So you admit you can block IPv6 traffic in your rebuke to IPv6 adoption. What’s then the issue? Block what you want, it’s your network, but do it with a firewall and not NAT.
IPv4 is definitely a large part of the blame for this and we need to start resting the blame there in hopes we force these companies (and their users) to actually use it. We need ISPs to support it, of course for end users, but at the enterprise level everything should be IPv6. It should have been IPv6 a decade ago, or more.
The good news is that the amount of traffic hitting Google that’s connecting over IPv6 is just about at the 50% mark:
https://www.google.com/intl/en/ipv6/statistics.html
We need to start talking about IPv6 as something that is here and now, not some far off future.
IMHO, the biggest issue is setup for SOHO users. Routers for that market have gotten the IPv4 setup wizard process down pretty good. With IPv6, there’s like three different ways your ISP might have set it up, and you need to tell your router which way to go. It’s complicated enough that even people with a solid understanding of IPv4 can be confused trying to figure out what works.
Further, there’s often not clear documentation from your ISP which of the ways they have it set up!
Definitely.
The first time I tried to setup IPv6 on OPNsense, Android phones thought they couldn’t connect to the Internet after getting on WiFi. Something about the endpoint they check for Internet access wasn’t going through. I backed out some settings, and something fixed it, but I’m still not sure what.
I was learning IPv6 in second year Network & Télécom, in 1997. We were running out of IPs back then.
Then we invented proxies and NAT and things got better and nature took its course (it ain’t broke? Don’t fucking touch it).
Sure, nature took its course, but did NATs make things better? I’m a game dev and getting two computers to talk to each other is so so much harder due to NAT traversal, requiring punchthrough servers. Voice chat and stuff need STUN/TURN servers. A game has to account for “what if my host wants to connect two clients, one of which within the NAT and one without?”
Makes far more sense to give every device an address and just talk to it and leave security and port openness up to firewalls.
… which is why you will take IPv4 on my home network from my cold, dead hands, and why all IPv6 traffic is blocked in the network that hosts my PC/laptop
So you admit you can block IPv6 traffic in your rebuke to IPv6 adoption. What’s then the issue? Block what you want, it’s your network, but do it with a firewall and not NAT.
Thanks for holding us back, champ.
I guess fuck stateful packet inspection as a tool or anything.
NAT isn’t a security measure you know that right?