
Posted by petercooper 8 hours ago

IP Addresses Through 2025 (www.potaroo.net)
131 points | 83 comments | page 2
jakey_bakey 5 hours ago|
It always sends me to sleep when IP enthusiasts lament the lack of adoption for IPv6.

It's obvious to anyone that looks at the two formats that any kind of hacky workaround like NAT gateways will be preferable indefinitely to actually adopting the monstrosity that is IPv6.

shmerl 5 hours ago|
NAT is the monstrosity, not IPv6.
dist-epoch 4 hours ago||
But has the nice side-effect of working as a firewall, before traffic gets to you.
RiverCrochet 2 hours ago|||
- Did you disable UPnP on your router? If not, any device behind the router can simply ask the router to open a port, typically without authentication, bypassing this "firewall" completely.

- TURN and STUN trivially bypass this side-effect, and a side effect of that is a third party has to often be involved, which can be collecting data later leaked or used against you.

- The monstrosity of NAT is that it's the core thing that drives centralization - because of NAT any two Internet hosts generally have to involve a third party to communicate, a third party which again, can be collecting data later leaked or used against you.

If you don't care about the security implications of the above, then you don't really care about the "firewall" either.

cyberax 1 hour ago||
I've yet to see UPnP work...
ianburrell 3 hours ago||||
IPv6 routers use a stateful firewall just like NAT includes. Just without the problems of NAT.
simoncion 3 hours ago||
As a bonus, because most (nearly all?) SOHO IPv6 routers are Linux under the hood, they are also capable of IPv6 NAT.
MaKey 2 hours ago||
I doubt that most consumer routers expose this functionality. IPv6 NAT is rarely needed and should be avoided. Interestingly enough I stumbled upon a use case today. No IPv6 connectivity at my office but at my dad's house. Since a WireGuard tunnel is layer 3 I can't use router advertisements and the prefix is dynamic, so private IPv6 addresses and NAT66 it is. It was an exercise out of curiosity though, route64.org works much better for IPv6 connectivity.
shmerl 4 hours ago||||
No, it does not. Always use a firewall if you need a firewall. NAT is not a replacement for it.
9rx 4 hours ago|||
NAT has the side-effect of working as a shower curtain. It will mostly keep light drops of water out, but will not stand up to a fire.
alexinavar 6 hours ago||
Unrelated to the post, but please include a viewport tag[0] on your website; it's one line of code that makes things far easier to read on mobile.

[0]: `<meta content="initial-scale=1,width=device-width" name="viewport">`

chrismorgan 5 hours ago||
I’m curious about that meta viewport declaration and where it came from: I don’t believe I’ve ever seen it in that order. The customary ordering has the attributes and content properties all reversed:

  <meta name="viewport" content="width=device-width,initial-scale=1">
kccqzy 3 hours ago||
No. You either design the site to be fully responsive (which would necessarily include CSS changes), or leave out that line. If your CSS assumes a desktop layout, it is strictly better not to set the viewport width to device-width so that the mobile browsers will use the traditional desktop viewport and the user can zoom around without anything broken. In contrast, carelessly slapping that line without CSS changes will often lead to content being clipped and invisible on mobile. This is why I have a bookmarklet to delete any viewport meta elements.
Ericson2314 7 hours ago||
Really need governments to start pushing harder on IPv6 adoption. We need sticks, not just carrots. My favorite is chaos engineering forced IPv4 downtime.
dunder_cat 4 hours ago||
In the US, I really want the FCC to mandate that an ISP provides IPv6 connectivity in order to meet the criteria to be considered broadband (and access the subsidies related to that). Don't even care if the functionality is off by default / you have to call and agree the routing may be sub-optimal, whatever. I currently use HE tunnels but on top of additional latency, the HE <-> Cogent peering dispute still makes it difficult to access services over IPv6.
ianburrell 3 hours ago||
There should be a rule that an ISP with CGNAT must offer IPv6 as an alternative. The US doesn't use CGNAT as much as other countries, but it would help people stuck behind crappy CGNAT.
patmorgan23 2 hours ago||
Yeah I think this is the bigger issue. CG-NATs break things, you shouldn't be able to sell a pooled IP CG-NAT only service as a broadband connection. Looking at you MetroNet
autoexec 3 hours ago|||
Nah, we just need actual carrots. If something new is better than what people currently have, and you make it easy for them to get the new thing, people will naturally abandon the old thing. They'll do it happily. In fact, it will be hard to stop them from abandoning the old thing for the new thing.

IPv6 has failed at being better, being accessible, or both. Rather than punish people for failing to adopt something that isn't better or easy to get, either improve IPv6 so that it's actually attractive or admit defeat and start work on the next version that people will genuinely want.

The moment you start thinking "Let's make what people have now worse until they move to this other thing they don't want" it's an admission that whatever you're pushing people to is shit.

bigstrat2003 3 hours ago||
> IPv6 has failed at being better, being accessible, or both.

I don't agree that it has. IPv6 is clearly better (no collisions between address space and thus no NAT requirement), and it's perfectly accessible to anyone who actually tries. I'm not by any means a top tier network guy but even to me IPv6 is dead easy to set up. The problem with the v6 transition is that people have very inaccurate views on one or both of those points (usually they falsely believe NAT provides security benefits, or they falsely believe IPv6 is a difficult thing to implement). I'm not sure how to fix this widespread misinformation but that is the problem from what I've seen.

autoexec 3 hours ago|||
IPv6 primarily solves a problem that most people either don't have ("I have IPv4 IPs already") or don't care about ("I don't know/care what my IP is") and it introduces a bunch of problems people didn't have before like worries over compatibility with existing hardware/software (improving all the time) or even just "now I have to spend a bunch of time learning about how to correctly and securely implement this on my network" (still a problem).

Maybe one day in the distant future, IPv4 collisions/shortages will be an actual problem for most people. If that happens, those people will naturally make the switch. Until then, why would they?

It turns out a bunch of people actually like NAT. They like it so much that they pushed for solutions like NAT66 so that they can keep it even after switching to IPv6.

If IPv6 offered substantially better security/privacy, speeds, reliability, or introduced some new killer feature people didn't even know they wanted until they learned about it there wouldn't be any reason to try to force people to move to v6. Because it doesn't do any of that, and most people are happy with IPv4, they'll stick with what has been working for them.

fpoling 2 hours ago|||
Even 15 years ago IPv6 was much worse than IPv4 for most people. Only when the mobile operators started to insist on it did the usage start to grow to significant numbers. Which showed the real problem with IPv6: lack of compatibility with IPv4. That was absolutely possible 30 years ago, but the designers decided that it would just complicate things.
ianburrell 3 hours ago|||
The US government is pushing IPv6 for government sites and contractors.

I think there needs to be a push for IPv6-first networks for companies. ISPs in the US are pretty good about IPv6. But network engineers learned IPv4, and don't want to change what works, so companies lag behind. Changing existing networks is hard, but IPv6 is a good candidate for new networks. This includes writing docs and eventually the education so IPv6 is the default.

dorfsmay 6 hours ago||
Or we should start a wall of shame of services not available on IPv6.
apearson 6 hours ago||
https://whynoipv6.com/
johnisgood 6 hours ago||
What holds them back though? Even my shitty self-hosted website on a not-so-known VPS supports IPv6.
apearson 6 hours ago|||
I'm assuming priorities and convincing the old guard it's something to do
zorpner 5 hours ago|||
It provides no benefit, so even the smallest amount of added complexity or additional engineering effort required isn't worthwhile.
johnisgood 4 hours ago||
I did not have to put any additional engineering effort into it though.
tredre3 2 hours ago||
Because in your own words what you built is "a shitty self-hosted website", not a complex web of distributed services that need to talk to each other.
ramon156 7 hours ago||
Unrelated to the post, but I love the left texture when I'm on vertical tab mode in FF. Very cool
Imustaskforhelp 7 hours ago|
I am on zen which you can consider to be as vertical tab mode in FF as well (considering zen is based on FF) (but albeit, I love how slick zen looks! Zen is amazing)

And I have the same texture too! I hadn't observed it until your message

seszett 6 hours ago||
Unless I misunderstand something, that texture is not especially related to Firefox or vertical tabs.

I have it both under Firefox or Chromium, and whether my tabs are vertical or not. It's just the website's background.

chromehearts 7 hours ago||
IPv6 will change the world. Believe in it
grishka 4 hours ago|
How many more decades will I have to wait to have IPv6 from my ISP though?
simoncion 3 hours ago||
Try switching ISPs. [0] Even Comcast provided me IPv6 service fifteen, twenty years ago.

[0] Yes, I am aware that that's simply not possible for most folks. I used to be most folks, so I definitely know.

neoromantique 6 hours ago|
how realistic is it to buy a block in 2026 as an individual? I understand that it is useless, but how much so
zamadatix 5 hours ago|
Different RIRs & LIRs have different policies, but the "foolproof" way is to just set up an LLC and register resources through that. There are usually renewal fees as well. If you're not hoping to be able to sell them after you get them, a careful reading of RIR policies can usually net you one or two /24s without needing to buy any blocks.

In either case, if you end up with internet resources you can trawl through sites like https://bgp.services/ to find a cheap VPS provider near you that supports peering. I run my own AS and advertise 3 network blocks (2 IPv4 + 1 IPv6) out of 2 different DCs for several hundred $ per year all in all (including renewal fees, VPS, taxes, etc).