undefined | Better HN

0 pointsbert643y ago0 comments

You're thinking small..

In an organisation of any significant size, remembering legacy IP is much worse than v6.

Chances are you will have lots of disparate legacy blocks, some starting 1.x, some starting 80.x etc. Then you have all the RFC1918 space, and the possibility of overlapping address space in different areas of the business. Then you have to keep track of translations, so an internal address 10.1.1.1 could have an external address of 80.1.1.1 but only on port 25, if you're talking over port 443 then actually the traffic is forwarded to 192.168.1.1 instead.

IPv6 is simpler. You have a single prefix for your company, eg 2001:db8:: Then you split it out in a sensible hierarchical way, for instance 2001:db8:1:: is your facility in the US, 2001:db8:2:: is your facility in Canada etc. Beyond that you go down to VLANs and hosts as needed.

So 2001:db8:2:25::1 is a device in your toronto data center... 80.1.1.1 is where?!?!? 192.168.1.1 is where?!? and which one did you mean?!?!

Then there's no NAT, no address overlap, much simpler. 2001:db8:2:25::1 is the same device wether you're talking to it on port 1 or port 65535. Your firewall rules are simpler and more secure as a result.

Microsoft had a presentation about this, and they are a bigger organisation than most.

If you're only small then you don't care, technologies like SLAAC and MDNS exist for exactly this reason.

0 comments

dheera3y ago

Yeah I get it. At an organization your size, you want IPv6.

I was illustrating why there is zero incentive for 99.99% of people to not care, which is the reason why it isn't getting adopted.

If moving my home network to IPv6 came along with some incentives -- e.g. significant tax breaks, free symmetric gigabit for a year for IPv6 traffic, discounts on rent, tax-free early IRA distributions to buy networking equipment, free electric car charging for 5 years, I'd move to IPv6 in a heartbeat.

bert64OP3y ago

The point is until everyone moves to IPv6, the rest of us are stuck having to support dual stack - which is expensive (see the recent story about an ISP supporting a tribal reservation who had to spend an extra $300k and wait 11 months to support legacy IP) and introduces complexity/risk.

For a small network it makes no difference, everything is auto configured, mdns is used to lookup names, you can makes your hosts ::1 ::2 etc if you want to. Many ISPs around the world provide IPv6 by default, and users are using it without even realising, so it is being adopted just not fast enough. Global usage is around 42% based on published stats, and is well over 50% in many countries, as high as 80% in some.

IPv6 does provide benefits to end users, it reduces cost for the ISP and makes end to end connectivity viable which opens up a whole new set of opportunities. End to end is immensely beneficial for gaming, voip etc. Having everything centralised because users are encumbered by NAT is a big problem - increased latency, high costs (recouped from the users somehow - eg selling their data), single point of failure, applications which become useless once the central servers are shut down etc.

bauruine3y ago

Do you have a link to the tribal reservation ISP story? I can't find anything about it.

1 more reply

j / k navigate · click thread line to collapse