I spent a week without IPv4 (2023)

Posted by mahirsaid 3 days ago

I spent a week without IPv4 (2023)(www.apalrd.net)

164 points | 352 commentspage 4

razighter777 3 days ago|

The workarounds we need to enable P2P communication on the internet are a shame... we need turn, stun, webrtc, all this stuff so two computers can talk without a dedicated port forward or public ipv4.

ipv6 is a beautiful protocol, (not perfect, but elegant) with a lot going for it. But the momentum of ipv4 is just too strong.

It's a mess... with no good solution. I tried to turn off ipv4 and github (shame on you) stopped working. But what are we supposed to do? Have the government mandate everyone switch? (oh wait half of US government websites are ipv4 only)

We did this to ourselves...

illusive4080 2 days ago||

AWS doesn’t offer PTR records for IPv6 addresses, which makes Gmail blacklist my email server’s IPv6 address. I had to disable IPv6 due to lack of PTR records.

buggjenrmf 2 days ago|

Not being able to setup a spam server in aws is a feature.

illusive4080 2 days ago||

It’s not a spam server. I self host email for personal and non marketing business use. Don’t assume everyone running their own email is a spammer.

ChrisMarshallNY 3 days ago||

I'm pretty underwhelmed by IPv6. It looks like the typical "horse designed by committee."

I suspect that what will actually end up being implemented, will be a core subset of the spec.

We'll have to see what's still standing, when the dust settles.

jeroenhd 3 days ago||

The IPv6 spec looks long because it also includes protocols that are separate on IPv4 (DHCP/SLAAC, NDP, depending on the document ICMPv6, mirroring DHCP, ARP, ICMP, NetBIOS, etc.), as well as the addressing schemes that were different RFCs in IPv4 such as multicast/unicast/network classes/subnets.

As for the implementation: just about anything more powerful than an ESP32 has the entire protocol implemented and running already.

ChrisMarshallNY 3 days ago||

As long as the SDKs to apps make it simple, we'll be good. I haven't seen much, so far.

jcgl 11 hours ago||

What do you mean? Apps for iOS and macOS have had perfect v6 support for a long time because of this. Linux has unified address families for netfilter and internet sockets that abstract the details. Various programming languages have perfectly fleshed out standard library data structures and functions, etc etc.

db48x 3 days ago||

Your computer, and every other computer on the planet, already supports the entire IPv6 spec. There is no subset.

yjftsjthsd-h 2 days ago|||

I'm typing this on a computer running Android, which means it doesn't support DHCPv6. I would describe it as supporting a subset of IPv6 functionality.

db48x 2 days ago||

I suppose that could be annoying, but technically DHCPv6 is not part of the IPv6 specification just as the original DHCP was not part of the original TCP/IP specification.

ChrisMarshallNY 3 days ago|||

Well, we'll have to see what all the "in-between" bits do. There's a lot in it, that will require implementation by countless layers of routers, switches, caches, firewalls, etc.

Look at Bluetooth, for an example, or TIFF.

I printed out the Bluetooth spec once, just for Ss and Gs. It was over 2,000 pages (double-sided).

I once tried writing a fully-compliant TIFF reader. Didn't go so well.

db48x 3 days ago||

Those all support IPv6 too. They’re the same computers, and they’ve all supported IPv6 for decades now. The IPv6 spec is a lot shorter than the spec for Bluetooth or TIFF.

ChrisMarshallNY 3 days ago||

Just because the physical and link layers support it, doesn't mean the application layer will.

You could say the same for Bluetooth chips.

I've seen stuff, man...

kalleboo 2 days ago||

Apple requires that all iOS apps on the store function on an IPv6-only network (which is how several large mobile phone networks work), and everything works fine on the application layer.

ChrisMarshallNY 2 days ago||

Huh. I believe that, but didn’t know it (I write apps for Apple kit). I have done low-level networking stuff that would definitely have run into issues, but that was over ten years ago. These days, I rely on the upper layer of the stack.

I really should try an exercise like the one the author did. I’m not necessarily against IPv6, but I’m still a bit skeptical of it. We’ll likely be forced into it, as there’s no alternative, but that’s not exactly a ringing endorsement.

kalleboo 2 days ago|||

My carrier (NTT docomo in Japan) only provides IPv6 to the end device. Access to IPv4 servers is through DNS64/NAT64, where their DNS server rewrites any DNS response that has an IPv4 in it to [64:ff9b::(the IPv4)] which gets handled by a CGNAT gateway. So anything that looks up a server over DNS and connects to that works fine, but any hard-coded IPv4 address does not.

I presume Apples requirement is there so that all apps work on carriers like this.

The only times I've run into issues is when tethering and forgetting I can't ping an IPv4, or trying to tether a Nintendo Switch (which does not support IPv6)

Dagger2 2 days ago|||

If your low-level networking code (I assume you mean BSD sockets here) is correct, it shouldn't even need to be aware of v4 or v6. The BSD socket API is designed so that the addresses are in an opaque data structure that you just pass around.

ChrisMarshallNY 2 days ago||

Back when, I did BSD sockets stuff, but generally stay above that, these days.

You're right, and that's my plan.

I have heard, however, that quite a few folks stuck their oars into the IPv6 spec process. I've seen that kind of process before, and the end result can be ... less than ideal ...

sneak 2 days ago||

I tried that, but my HN addiction ended it.

ianburrell 2 days ago|

HN has IPv6 now.

If Reddit would finish adding IPv6, almost all of my browsing would be IPv6.

avidiax 3 days ago||

People keep saying that IPv6 allows you to more easily host services, but you still have to support IPv4.

Try connecting to your IPv6-only service on Hotel WiFi -- you usually can't.

It's unfortunate, but IPv6 doesn't really solve any problems for a home user. And I say this as someone that has deployed IPv6 at home before.

mattypg 3 days ago||

> It's unfortunate, but IPv6 doesn't really solve any problems for a home user.

CG-NAT and strict NAT in general. Newer ISPs often force users onto CG-NAT, and my consoles have had numerous issues with NAT in general over the years. ISP routers also often make fixing this an opaque or impossible problem for the user.

I don’t think IPv6 is the best thing ever, but I do think it solves the problems IPv4 did along with some annoying issues IPv4 struggled with.

brandonkal 3 days ago||

It does make it easier. IPv6 pinholes are simpler than port forwarding. My IPv4 is not static but my IPv6 prefix is. So I don’t need dynamic DNS. I have no IPv4 port forwards, instead I run snid on a VPS to support legacy internet clients and call it a day.

avidiax 3 days ago||

https://github.com/AGWA/snid

So you basically have a cloud server and a domain with a wildcard record, and you then forward IPv4 through IPv6?

I think this somewhat proves my point that IPv6 doesn't solve much for self-hosting. You still need some kind of working IPv4 setup. You are using IPv6 in place of either a reverse proxy or something like tailscale, which I suppose is more convenient.

ctippett 2 days ago||

Every few years I check to see how far away Virgin Media are from offering IPv6. Just checked again... nope!

https://www.havevirginmediaenabledipv6yet.co.uk/

kachapopopow 3 days ago||

the reason why I explicitely disable ipv6 cause "this shit don't work" (at the moment, will probably change in the future)

- random slowdowns

- horrible routing

- larger packet overhead

- hated by a lot of the people who run the internet

- hated by companies who provide ddos protection

- my poor TCAM cache in my budget routers

- supporting ipv6 is really expensive in chassis routers

However, I believe there is a solution: Swap ISP's to IPv6 only, swap to IPv4 unless there is an IPv6 route present then directly forward. This solves quite a few issues: Once every ISP has IPv6 you can drop ipv4 and swap directly to ipv6 without having to split your TCAM. This works because IPv6 can encode IPv4 in it.

jrm4 3 days ago|

Hot take: IPv4 might be techinically worse, but it's "politically" (in the classic sense of the word) better.

IPv6 essentially enables "universal internet IDs" for every device, which could streamline a lot of things, but enable a lot of weird surveillance/power balance issues that the cruft of IPv4 is actually incidentally helping guard against.

Again, I'm old enough to remember when e.g. the ISPs were going to try to charge per device in each household.

ninkendo 3 days ago||

This hasn’t been the case in decades, every OS defaults to randomly generating the trailing 64 bits of your address and cycling through new addresses periodically. Your IPv6 address is only fixed to your device if you choose to configure it that way.

Since the network half (leading 64 bits) is as fixed as your IPv4 address was, and the host half is random and constantly changing, an IPv6 address is exactly as uniquely identifying as an IPv4 address used to be.

nebalee 2 days ago||

Afaik, at least Fedora has the privacy extensions disabled by default.

blahaj 3 days ago||

> Again, I'm old enough to remember when e.g. the ISPs were going to try to charge per device in each household.

I don't really see that coming again and if it does you can just do NAT66 just like you can do NAT4.

jrm4 3 days ago||

You and I can, yes.

But, network effects.

jcgl 11 hours ago|||

What network effects? Like a sibling comment already pointed out, privacy addresses come standard on all consumer OSes.

blahaj 1 day ago|||

If ISPs would try charging per device with IPv6, NAT66 routers would just become an off the shelf product. You can just sell a black box to people that solves the issue.

But more generally, I think times have changed enough for per device billing not being a viable approach anymore.