>Individual economies such as India, Viet Nam, and Saudi Arabia exhibit adoption curves that differ markedly from the global average. As the APNIC Labs data shows, this global trend does not necessarily reflect the experience of individual economies.
>APNIC’s own measurement records a 42% worldwide IPv6 capability (Figure 2). That’s a substantial difference, which also needs clarifying."
The nuance is that IPv6 is growing faster in developing countries with poorer economies. I'm guessing this is because building modern IPv6 network from scratch is cheaper & more efficient than acquiring scarce and expensive IPv4 addresses. This is a major advantage for newer providers in growing economies.
So while the Google is showing it at 50%, APNIC's weighted global measurement shows it at 42%.
[1] https://www.google.com/intl/en/ipv6/statistics.html#tab=per-...
https://www.arcep.fr/fileadmin/reprise/observatoire/ipv6/Arc...
(2025, from 2024 data)
Reason that Google isn't seeing more is a) some BigCo v4 holdouts b) happy eyeballs sometimes landing on v4 because their v6 is shitty 6rd or something (e.g Free SAS)
The only ISP not putting out v6 widely is SFR, and thankfully they've gone bankrupt and we will be rid of this scourge.
The connection is solid, though - thus my lack of enthusiasm.
LTE arch with the PGW handles IP allocation to devices
https://www.google.com/intl/en/ipv6/statistics.html#tab=per-...
At the moment pretty much every website is reachable via IPv4 but a lot not via IPv6. Will there be a day when this turns around?
That's already the case. IPv6 is often faster because most ISPs these days use cgnat for IPv4.
This becomes noticeable when pipelines on IPv6 connected servers suddenly have random request/post failures to public services. Then either the whole service is temporarily having issues or there are a few bad IPv6 endpoints while all the IPv4 endpoints are fine.
Seemingly this failure mode can go unnoticed for days while the same won't be true for IPv4 due IPv4-only still being the norm for corporate networks. And no, current form of happy eyeballs v2 won't account for this.
Besides bad endpoints it could also be a problem with bgp route advertisements where the IPv6 prefix takes a weird path and ends up being blocked by a CDN at the other side of the ocean. This happens more than you'd think. Obtaining pypi packages was quite a challenge last year for us for a couple of weeks due to this.
Not really a fault of IPv6 technology wise, and in general can be solved client side through retry functionality, but in practice it still can lead to a worse outcome due to lackluster IPv6 adoption.
I used to think ISPs, organisations, admins and users were just being lazy for not implementing IPv6 or turning it off as the first thing to do when network problems happen, but when this far in the rollout such basic things still lead to difficult troubleshooting sessions then perhaps time has come to say something has gone terribly wrong.
It saddens me to say that I totally understand that businesses do not want to pay the price for implementing IPv6 unless absolutely necessary, because until the majority of traffic is IPv6 or even IPv6-only it does not make a lot of sense.
The flipping point is nearer than ever, though I fear it will in the short term lead to even worse stability for both protocols until IPv6 truly becomes the norm, whenever that may be.
If you've ever visited a website from your smartphone (over 4G/5G), your first hop has in all likelihood been over IPv6. If you have visited a website from your phone that only had an A record then you probably went through a CG-NAT box, which added latency.
If you streamed a Youtube video to your phone, or checked Gmail, or Instagram or Facebook, then it was over IPv6.
People (including probably you) use IPv6 everyday, multiple times, without knowing it.
Also there are cases where the ISP didn't bother even optimizing their routing in v6. I understand that some ISPs in Asia (and especially in Japan, where it shows up on ordinary customers in terms like MAP-E and VNEs) have separate backplanes for v4 and v6 (some are legacy reasons, some are business reasons). Guess which one is being devoted more in practice (hint: not the one being devoted more by IETF).
Edit: I thought this was just in Asia, but apparently this is also the case in an ISP in UK (https://news.ycombinator.com/item?id=48618403)
Do you have examples for this? I've never experienced this, and I've been using IPv6 for years.
Also, how can you be sure that the same request to IPv4 would have been fine? Did you actually see consistent failures on v6 and consistent success on v4? Otherwise, if a service has a reasonably low error rate, success on retry is the expected outcome, regardless of the path the retry takes.
This happened with pypi (IPv6 BGP routing problem caused by a bad route from one of our peers combined with their fastly CDN not reply to us on IPv6 from the other side of the ocean for some weird reason), but also with yum and apt mirrors (seemingly random problems with the IPv6 service or firewall of the remote endpoint), and various other web resources accessed from pipelines.
The solution always was to temporarily block the bad IPv6 endpoint(s) or temporarily completely disabling IPv6 on the server itself or on the squid proxy server for workloads without direct connectivity.
Obviously it also can be the other way around, but in practice it appears to happen less often with IPv4, and if it does things get addressed quickly instead of taking hours or days or weeks.
Users doing speed tests in CGNAT may be seeing numbers that aren't exactly real for a (still) mostly IPv4 Internet.
Infact the only isp I have seen do it is starlink and I have contacts with ISPs in 60 different counties.
More on this: https://vincent.bernat.ch/en/blog/2024-why-ipv6
Unless you want to host multiple minecraft servers on the same port on different servers at home?
Indeed hosting anything at home is such a rare workflow that someone wanting it can choose an isp which gives them the facilities they need.
Unless you don’t live in a competitive market based economy and just have the single government mandated isp aimed at the lowest common denominator, in which case you’ve got far worse problems.
If there's one thing market competition does well, is remove any kind of meaningful variety - because supporting a niche offering costs money, and is not worth it unless it nets positive, otherwise it's just a drag that makes you fall behind your competition.
The internet would be much less centralized if IPv6 happened when it was supposed to.
Also IPv6 addresses are ugly
Only because it is overengineered. Parents pragmatic protocol would have been adopted faster
Most people can pick up calculating subnets in their head in ipv4 pretty quickly and ipv4 addresses are easy to memorize on accident. My brain turns to mush as soon as I start seeing hexadecimal characters in addresses.
you can send a packet from an extended address host to a vanilla v4 host if you map the address space into a range like you suggest..but that v4 host just has no way of sending a message back..so its kinda useless
We need to pretend we overengineer. But some in the committee made it sure data exfil would be basically impossible to detect / block with IPv6, which all the others, always in love with the most rube-goldberg design possibles, loved the "overengineered" solution.
With rube-goldberg designs, you can then always say stuff like:
"The xz backdoor was TOTALLY unrelated to systemd"
Yet it only concerned distro that shipped with systemd.
Go figure.
It's always "because insert-crazy-non-sensical-hair-pulling-reason-here".
Ah yes, it's because of that. So it's so totally unrelated right?
Except it still only affect distro using systemd.
Or maybe, you know, backdoors and exfils were the plan from the very start.
"The protocol won't work correctly unless you let crazy ping packets doing you-know-what". And nobody is ever going to properly firewall all that.
Overengineering is one thing, yes.
But we know for a fact that there are xxxINTs infiltrating committees and pushing "solutions" that are only solutions to them.
HE shows 41% ASNs support v6: https://ipv6.he.net/
Also you made the life better of people who have DS lite. They only get a public IPv6 and all their IPv4 traffic goes through a CGNAT.
https://cr.yp.to/djbdns/ipv6mess.html
Yes, it is old, many examples are outdated, but the main points still hold. Decades later his suggestions for making IPv6 succeed are still not implemented.
2. Most websites assume that 1 IPv4 address==1 household, so you'll often run into rate limits. Or even worse, you might be blocked entirely if your CGNAT neighbours are spammers or otherwise breaking website rules.
Yeah, I just mentioned that because P2P networking is used a lot more than most people think these days, since even things like Zoom that look like typical client–server web browsing actually use P2P networking internally.
> It was suggested that a website operator deploying IPv6 would somehow improve the end user experience by virtue of avoiding CGNAT and I was questioning that.
Reliability and latency will be marginally better with IPv6 than with CGNAT, but this is so minor that I doubt that most people will notice this. And many CGNATs will RST connections that last too long, but most protocols have some sort of automatic retry/reconnect built in, so this shouldn't cause issues very often either.
IPv6 addresses are quite a bit cheaper than IPv4 addresses in most clouds, but since most servers still need to support IPv4, this doesn't help you directly. Supporting IPv6 means that others using the cheaper IPv6-only cloud services will be able to connect to your server, but this doesn't matter for consumer-only services.
So yeah, you're probably right that enabling IPv6 server-side won't have (m)any benefits.
> I do of course appreciate that going via CGNAT to a clueless operator that eagerly adds IPv4 bans can be problematic but that's more a question of why you as a consumer might want IPv6 connectivity not why a service provider would want to deploy it.
Being able to ban IP addresses without worrying about collateral damage is a pretty big benefit to the service provider though, for certain applications at least.
Non-legacy, newly formed ISPs have to spend a lot of money on either buying or leasing IPv4 address space, and even then if they grow they probably won't be able to keep up, and so have to deploy 100.64.0.0/10 to the WAN interface of CPEs and then buy a bunch of CG-NAT hardware.
The problems are on not entirely visible at the end-user side of things because of the Herculean efforts by ISPs.
IPv4-only services are thus externalizing the costs of connectivity to ISPs (especially newly formed ones).
Isn't that literally their raison d'être? Point taken that in aggregate it increases the costs of network operators but still that's got nothing to do with an individual instance of an individual user visiting an individual website.
2) if cg nat is as popular as people claim then they won’t be doing that as it’s not an edge case
I prefer to run scrapers behind CGNAT because websites can't ban it without causing collateral damage, which matters more to some than to others. The website probably has to put up a captcha. Which hurts its human traffic. Think about how much more traffic you could have if you didn't show everyone a captcha, and you might see that you should also be in favour of IPv6.
Your CPE is probably running UPnP IGD and/or PCP for hole punching of P2P services, and IGD/PCP can hole punch just as easily for IPv6.
> 2) if cg nat is as popular as people claim then they won’t be doing that as it’s not an edge case
It's not whether CG-NAT is an edge case or not, it's whether there are things that are completely impossible with it or not. Want to play with your friends on your Xbox/PS? Too bad, CG-NAT makes it completely impossible.
Why should we be happy with a technology that makes certain use cases impossible? On what planet is that a good thing?
Stateful firewalls and even regular NAT aren't much of an issue for P2P, but CGNAT is much more problematic [0].
> 2) if cg nat is as popular as people claim then they won’t be doing that as it’s not an edge case
You'd hope, but people tend to be pretty slow to update their networking assumptions, so this is still pretty common. And it doesn't help that most CGNAT users tend to be either from poorer, since poorer countries and mobile data providers are far more likely to use CGNAT than legacy North American ISPs.
My ISP doesn't do CGNAT in FTTH deployments, but I'm paying extra for a static IPv4 allocation anyway since I was increasingly getting hit with captchas every time my IPv4 rotated to flagged IPs that were trashed by my fellow subscribers with poor infosec practices - i.e. 99.9% of residential subscribers.
Once I got a static allocation, captchas are getting easy to pass.
Mobile carriers use it almost exclusively, which is already a huge chunk of the internet, and newer ISPs are switching to it too.
> I'm supporting both because I heard it's good to support both, but I'm not sure what the actual benefit is.
The benefit is that you allow IPv4-only and IPv6-only clients to connect.
Some applications will still fail to work though unless you also have 46 nat on your device which still doesn’t work transparently on majority of types of device.
You also need all devices on your lan to support v6 natively, and v6 only. From your printer to your speaker.
You might be able to do something with mdns and nat64 to get them working on an IPv4 only subnet. But you’re talking layers and layers of complexity for things which just have to work.
I’m posting this from my phone on my IPv6 only subnet, not sure if it’s using a 64 gateway or 6 native to HN, but it’s possible.
From the user side IPv6 is great for me. My ISP is using CGNAT and would bill me ten pounds a month for a static IPv4 address but I automatically get a vast block of IPv6. I'm using that block to allow me to VPN back home when out and about, and if I wanted to I could also host services from devices on my home network without needing any NAT nonsense, I can just open access to the relevant device on the router. (Because this is a world where not everywhere supports IPv6 yet if I'm on an IPv4 only network the VPN endpoint is a dedicated server I rent which forwards the relevant port back to my home router over IPv6)
Chances are they also skimping on other areas including over subscription. Choose a better isp if you want a better service.
Your “just open traffic to internal host 1 on your firewall is the same no matter if it has nat or not, unless you are using a non stateful firewall? Or perhaps your configuration layer splits the two for reasons.
The great news is those vulnerability scans from random IPs are coming just on ipv4, there hasn't been any yet on ipv6 :)