I spent a week without IPv4 (2023)

Posted by mahirsaid 12/20/2025

I spent a week without IPv4 (2023)(www.apalrd.net)

168 points | 360 commentspage 3

1970-01-01 12/20/2025|

I have firsthand experience doing that experiment about 3 months ago. Completely removed my IP4 DHCP lease from my ISP at the router. About 50% of the public sites I tried to visit didn't resolve. So many public sites, that I gave up and went back to dual stack after just a day. Google, ChatGPT, and a few other popular sites were fine with pure IPv6 traffic, however sites like eBay and even HN did not resolve. IPv6 simply is still not ready for everyone to just transition into overnight.

whatevaa 12/21/2025|

A bit ironic that HN did not resolve.

tlogan 12/20/2025||

As a normal user: why do I need IPv6?

As far as I know, the majority of websites (about 70%) do not support IPv6.

badgersnake 12/20/2025||

I don’t think that’s true. But of course it depends how you’re measure the majority of websites.

Most of the figures I see show 60-70% of the top 100 sites do support it. But maybe that does not reflect your usage.

Why do you need it? Maybe you don’t right now since ipv6 only sites are niche. The most tangible advantage I’ve seen is avoiding CGNAT. Gamers in particular don’t like that because it introduces latency. Services like Xbox live definitely do support ipv6 for this reason.

jeroenhd 12/20/2025|||

Depends on your ISP. If you live in a place where there aren't many IPv4 addresses available, CGNAT is the reason you're seeing a lot of Cloudflare/Akamai/Google CAPTCHAs everywhere, and IPv6 fixes that.

calvinmorrison 12/21/2025||

same reasons northern europeans had to invent all sorts of fancy food preservation and complex power struggle societies revolving around crop limitations and war.

Meanwhile closer to the equator, much less progress was needed to live and let live.

In short, Americans are native tribes. we have plentiful IPV4 and couldnt care less about SLAAC or whatever other complex moon sun and seasonal tide gods, salted codfish and salt mining operations. we just dont need to care about long addresses, they're plentiful here.

paulddraper 12/20/2025||

You need it because there aren’t enough IPv4.

If you have a mobile device with data, you’re likely already using it.

sethops1 12/20/2025||

Do we really need all the mobile phones and IoT devices of the world to be publicly addressable? Is that even a good thing?

paulddraper 12/20/2025||

If you want to use the internet, you need an IP address.

You can share that IP address by putting multiple hosts on the same local network and using parts of the transport later. NAT was invented because of lacking enough addresses.

buggjenrmf 12/21/2025||

CGNAT is a guarantee that you have plausible deniability on the internet. NAT is also a guarantee that you are not addressable from the internet.

It’s a feature.

paulddraper 12/22/2025||

Until it isn't.

If I want to send you a message (an email), I have to go through some other party.

If I want to see what my home security cameras show, I have to go though some other party.

daft_pink 12/21/2025||

I feel this doesn’t really address whether we are losing something privacy or security related by not having NAT. I think my main devices are always updated Mac iPhone or iPad and can handle it, but do I really want my thermostat or doorbell or lock or garage door opener or light switch directly accessible on the Internet or is the nat serving a useful purpose? I don’t feel like this is addressed in this article.

yjftsjthsd-h 12/21/2025|

> but do I really want my thermostat or doorbell or lock or garage door opener or light switch directly accessible on the Internet or is the nat serving a useful purpose?

You should have a firewall, regardless of v4/v6.

mzajc 12/21/2025||

You should, but the exposure from having no firewall is much higher without NAT. Packets with private network IPs are martians on the internet and will not find their way to your device unless they come from the same network and the ISP's infrastructure doesn't drop them. IPv6 addresses are routable across the internet so the packets will most likely get to your router, meaning anyone on the internet can talk to your LAN in the absence of a firewall.

The reality is that consumer router firmware is horrible in every aspect, especially security, and this isn't going to change with IPv6 rollout. I fear the most likely scenario is that ISPs will set up inbound firewalls on their end, and then we'll be even worse off than we are right now.

jcgl 12/23/2025||

Those naughty incoming packets can hit your private devices even with NAT-without-state full-firewall. The details depend on how your NAT actually implements the translation, but it’s perfectly possible for $randomHighPort to send all its incoming traffic straight to some device. Said another way, a NAT is not guaranteed to do something like match entries based on the layer 4 4-tuple.

layer8 12/20/2025||

If Google would announce that Chrome is dropping IPv4 support in n months, that would probably get things moving. ;)

stevekemp 12/20/2025||

I guess it would, but remember there are more services out there than just HTTP(S).

For example the last time I had an IPv6-only host I had issues cloning things from github, as "git clone git@github.com..." failed due to github.com not having IPv6 records.

A quick search revealed this open 3+ year old discussion - https://github.com/orgs/community/discussions/10539

Dagger2 12/23/2025|||

A quick workaround for that is to use one of the DNS servers from https://nat64.net/. There are also people running reverse proxies specifically for GitHub, e.g. https://danwin1210.de/github-ipv6-proxy.php.

(Ideally your ISP would be running NAT64 for you, especially if it's a VPS provider only giving you v6, but for whatever reason few of them do...)

buggjenrmf 12/21/2025|||

You’re in luck, github is in the process of moving to azure!

lostmsu 12/21/2025||

Would have to be ChatGPT these days.

topranks 12/21/2025||

Dual-stack with a public IPv4 address is by far a preferable way to access the v4 internet than being stuck behind a provider NAT64 box.

Totally understand why carriers may want IPv6 mostly and a v4-free core. But as an end user dual stack just seems simpler.

jcgl 12/23/2025|

Providers can do v6-only in their core while still providing public v4 to users. SIIT if they can still afford a public IP per customer, and MAP-T if they can’t.

jcgl 12/23/2025||

Misspoke: more like a CLAT thing/464XLAT, rather than SIIT, I think

jyscao 12/20/2025||

I need to switch my home network to at least use IPv6 externally, because my ISP recently deployed CG-NAT, which made my SSH server that used to work no longer reachable from outside of my LAN.

bakugo 12/20/2025|

You can use a NAT-traversing VPN like tailscale to work around this.

martinald 12/21/2025||

Interesting. I did finally find a use for IPv6 which I wrote up here: https://martinalderson.com/posts/i-finally-found-a-use-for-i...

Tbh though the docker problems are very serious and extremely painful to work around. Everything works great apart from Docker which has so many issues - it does not handle IPv6 inbound but IPv4 out well at all (at least as far as I can tell!).

beAbU 12/21/2025||

My previous fibre provider in Ireland was Virgin, and as far as I could tell, it was fully IPV6. Every device in my network got a public address, and self hosting stuff from home as was easy as setting up an A record at my DNS host. No faffing around with port forwarding, proxying, nat bullshit or whatever. My memory is hazy, but there might have been some firewall stuff I had to do on the virgin supplied router.

self_awareness 12/21/2025||

My ISP has IPv6 since years and I'm on 6 as well.

NAT-less network is really cool, I can serve content directly from anything from my LAN.

We should really leave IPv4 and move on.

razighter777 12/20/2025|

The workarounds we need to enable P2P communication on the internet are a shame... we need turn, stun, webrtc, all this stuff so two computers can talk without a dedicated port forward or public ipv4.

ipv6 is a beautiful protocol, (not perfect, but elegant) with a lot going for it. But the momentum of ipv4 is just too strong.

It's a mess... with no good solution. I tried to turn off ipv4 and github (shame on you) stopped working. But what are we supposed to do? Have the government mandate everyone switch? (oh wait half of US government websites are ipv4 only)

We did this to ourselves...

More comments...