Transcript
False meme image that says “bad news ipv4 fans. linus torvalds has announced removing ipv4 support from the linux kernel after the maintainers of the network stack got into a fight over WHAT KIND OF HRT gives the best results. this incident will impact 5 billion people and will make 95% of all network equipment on Earth binnable.” with fake screenshots of the linux kernel mailing list a girl calling another one a slur from 4chan over HRT choices and Linus Torvalds saying he will drop IPv4 support and asking the maintainers to learn to shut the fuck up.


I’ve encountered way too many administrators and network admins who swear that “IPv6 does nothing but cause trouble” but the truth is, the trouble it’s causing is because you can’t half-implement IPv6. You either roll it out to the whole network or you don’t, and the longer you kick that can down the road the harder it’s going to be.
Basically too many professionals who haven’t learned a new technology since 2005 and refuse to try new things keep holding the world back
I will happily enable and use it once doing so doesn’t break any of my connectivity.
I’m not managing an enterprise network, it’s just my home, but my ISP doesn’t support IPv6 so that’s one extra layer of complexity right off the hop. On top of that internal services which previously required no manual configuration just seem to randomly not work.
IPv6 is not going to see widespread adoption unless it can be implemented completely transparently for the end user, full stop.
IPv6 is widely adopted
I don’t even have an ipv6 address, my ISP doesn’t provide them yet. Not much to do about it then lol.
You can maybe change ISP
I wish I could but I’m afraid it’s not possible at this address and it’s not something I’m going to move for
I think what those admins really mean to say is “We don’t need any of the benefits of IPv6, so IPv4 works just fine and making the large scale change is trouble.”, when you already got your DHCP, NAT, Firewall and stuff up and things do work as expected then you don’t really need NDP or SLAAC.
The issue for me is when I have it enabled and try to connect to a site that doesn’t support it fully (same thing / half assed) and the site doesn’t work properly. For home it’s my wife and kids that complain, when it’s the office then everyone complains. I get the blame for failed connections or things not working right when a fully compliant IPv6 site works just fine.
Now I am not perfect so it could be me but I have read up and learned as much as possible. No expert but I did deploy DHCPv6 in a test environment. However there is no reason as of yet to deploy DHCPv6 locally since the address space is so wide. Just saying it’s possible that the issue is me but from my understanding it’s like the U.S.A. switching to metric. Parts of us tried it but others didn’t and thus we failed as a giant group.
I think there needs to be a big ass push and force everyone to switch at the same time. I know some of the old devices may not work however those devices have to be 20+ years by now.
Can’t even attempt to learn it if my ISP won’t provide addresses though.
Not been able to use it to even try, but doesn’t IPv6 not have subnets at all? No 192.168.1.1 on your local network with a different public facing 85.136.52.142 (and with NAT444 you also have ISP facing 10.183.23.6). So does your ISP provide you a range of IPv6 addresses?
Yes, your ISP provides you a large quantity of addresses. Not really, the addresses have several parts. Your ISP provides you with the prefix. Your devices complete the rest of the address automatically. You can also use a DHCPv6 server, but I don’t and some devices don’t support it anyway. Yes, all those addresses are globally routable, they are “Internet” addresses. You can still use locally routable addresses too if you want, called Unique local address (look it up on Wikipedia), but that requires manual configuration.
I don’t think unique local addresses require manual configuration. On linux at least, I get an fe80:: address derived from the interface’s MAC address even if it can’t find any router. If the host receives a router advertisement, it will add a local address (the same suffix as the fe80 but with a fd8b:something::/64) and the “internet” 2003::. I’m not an expert and this may be just the configuration of my router, but all my linux installs automatically got these three addresses without manual configuration or issues.
That’s SLAAC not a ULA
That’s a link local address [0].
That’s a ULA [1]
This one is a globally routable address (Global Unicast Address, or GUA) [2].
As you observed, link-local addresses are generated completely independently. ULAs and GUAs are self-assigned using SLAAC or assigned by a server using DHCPv6 after your host has seen a router.
For a GUA or ULA to be assigned, the router or DHCP server has to have a prefix delegated to it. A GUA prefix would come from your ISP. A ULA prefix would be configured on the router itself. If yours has one without you setting it up, maybe it does that by default?
[0] https://en.wikipedia.org/wiki/Link-local_address
[1] https://en.wikipedia.org/wiki/Unique_local_address
[2] https://www.iana.org/assignments/ipv6-unicast-address-assignments/ipv6-unicast-address-assignments.xhtml
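The three address types discussed above, as an added example that is not part of the original thread: it derives the MAC-based (modified EUI-64) SLAAC address for a link-local, a ULA and a GUA prefix, classifies each by range, and shows that the MAC can be read back out of such an address, which is why the privacy extensions mentioned further down exist. The MAC and the prefixes are constructed sample values, and hosts configured for stable-privacy or temporary interface identifiers will not produce these addresses.

```python
import ipaddress

LINK_LOCAL = ipaddress.ip_network("fe80::/10")
ULA = ipaddress.ip_network("fc00::/7")
GUA = ipaddress.ip_network("2000::/3")

def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64: flip the universal/local bit, insert ff:fe in the middle."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    eui = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:]
    return int.from_bytes(eui, "big")

def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix with the MAC-derived interface identifier."""
    net = ipaddress.ip_network(prefix)
    if net.version != 6 or net.prefixlen != 64:
        raise ValueError("SLAAC needs a /64 IPv6 prefix")
    return net[eui64_interface_id(mac)]

def scope(addr) -> str:
    """Classify an IPv6 address as link-local, ULA, GUA or other."""
    addr = ipaddress.IPv6Address(addr)
    if addr in LINK_LOCAL:
        return "link-local"
    if addr in ULA:
        return "ULA"
    if addr in GUA:
        return "GUA"
    return "other"

def mac_from_eui64(addr):
    """Recover the MAC from an EUI-64 address, or None if it is not MAC-derived."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:]
    return ":".join(f"{b:02x}" for b in mac)

# Constructed sample values: a made-up MAC, a made-up ULA prefix, and a
# documentation prefix standing in for the GUA prefix an ISP would delegate.
SAMPLE_MAC = "00:11:22:33:44:55"
SAMPLE_PREFIXES = ["fe80::/64", "fd8b:1234:5678:1::/64", "2001:db8:0:1::/64"]

if __name__ == "__main__":
    for prefix in SAMPLE_PREFIXES:
        a = slaac_address(prefix, SAMPLE_MAC)
        print(f"{a}  {scope(a)}  mac={mac_from_eui64(a)}")
```
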
Yeah, I guess my router just decided on an ULA prefix on its own. Thank you for providing the right terminology and explaining how a host gets these addresses.
You are confusing unique local addresses and link local addresses. Unique local addresses can only be configured manually or, in theory, with DHCPv6. On Debian, I edit the file “/etc/network/interfaces.d/<interface name>”:
This gives you: autoconfigured IPv4 address, autoconfigured (slaac) IPv6 address, an IPv6 unique local address, temporary IPv6 addresses (privacy extensions) and your IPv6 link local address.
Correct, the ISP would assign you a /56 of public IPs that all share a prefix which you can slice and dice into however you see fit. All devices receive a publicly routable IP which your router/firewall would limit access to. So no running out of IPs ever, no network/IP collisions if you have to connect to another private network, etc.
Why can’t you just use it on your local network? Don’t need ISP for that.
A single IPv6 prefix has 2^64 addresses
If it ain’t broke…
Imagine arguing that ‘solutions’ like NAT444 isn’t broke as fuck
Well… yeah, why wouldn’t that be “broke as fuck”?
I always bring it up when the network is experiencing problems that they wouldn’t have with IPv6. Running out of IPs in a given scope, increasing costs of public IPs, etc.
^ the admin holding the entire world back
Oh, if only I had that kind of power :D
“IPv4 is running out of IP addresses so therefore every local network needs to move to IPv6” is a full clown move.
First of all, enterprises usually have at least one public IP (the one I work at right now has more public IPs than they have server VMs)
Secondly enterprises have big enough and complex enough networks to see other benefits of IPv6. For example IPv4 has some problems when broadcast domains are too large, so your internal network sizes are artificially limited when following best practices. Without private networks you don’t have to worry about IP collisions between different private networks that you have to route between (comes up more than you’d think!) etc etc.
IPv6 is literally designed to solve the scalability issues with IPv6