Most active commenters
  • Dylan16807(6)
  • josephg(5)
  • kijin(3)
  • thayne(3)
  • immibis(3)
  • pmarreck(3)
  • cyberax(3)

←back to thread

The IPv6 Transition

(www.potaroo.net)
215 points todsacerdoti | 57 comments | 20 Oct 24 05:54 UTC | HN request time: 1.453s | source | bottom
Show context
hairyplanter ◴[20 Oct 24 07:13 UTC] No.41893537[source]
I have fully implemented IPv6 in my home network.

I have even implemented an IPv6-Only network. It fully works, including accessing IPv4 only websites like github.com via DNS64 and NAT64 at my router.

The only practically useful thing about my IPv6 enabled network is that I can run globally routable services on my lan, without NAT port mapping. Of course, only if the client is also IPv6.

Other than this one use case, IPv6 does nothing for me.

It doesn't work from most hotels, nor from my work lan, nor many other places because most "managed" networks are IPv4 only. It works better at Cafes because they are "unmanaged" and IPv6 is enabled by the most common ISPs, like ATT and Comcast and their provided routers.

Based on this experience, I think IPv6 is less valuable than us HN audience thinks it is. Private networks, NAT, Carrier Grade NAT are good enough, and internet really doesn't care about being completely peer-to-peer.

I think the adoption rate reflects this--it's a linear growth curve over the last 25 years. It should have been exponential.

I think cost of IPv4 reflects this--it is now below the peak, and has leveled off.

As surprising as it seems, IPv4 exhaustion has not been a serious problem. Internet marches on. IPv6 is still a solution looking for a problem, and IPv4 exhaustion wasn't one of them.

replies(21): >>41893541 #>>41893647 #>>41893711 #>>41896275 #>>41898003 #>>41898138 #>>41898700 #>>41898907 #>>41898988 #>>41899569 #>>41900489 #>>41900918 #>>41901253 #>>41901285 #>>41902429 #>>41902453 #>>41902668 #>>41903211 #>>41903638 #>>41903908 #>>41913238 #
1. Dylan16807 ◴[20 Oct 24 07:15 UTC] No.41893541[source]
NAT is mostly okay, but carrier grade NAT where you can't forward a port causes real problems.

IPv4 exhaustion is a real problem, it's just not enough to motivate people much.

replies(5): >>41893570 #>>41893584 #>>41899608 #>>41900893 #>>41902480 #
2. saurik ◴[20 Oct 24 07:20 UTC] No.41893570[source]
Have you tried using PCP to forward the port? I was under the (maybe-incorrect, and if so I would really like to learn) impression that most major CG-NAT setups supported it.
replies(3): >>41893628 #>>41897924 #>>41902496 #
3. kijin ◴[20 Oct 24 07:21 UTC] No.41893584[source]
If it was a real problem, market pricing would reflect the increasing severity of that problem.

The truth is that people who care about port forwarding are such a small minority -- especially now that P2P file sharing has lost its hype -- that they don't make a visible dent in the rate of IPv4 exhaustion.

replies(6): >>41893614 #>>41893621 #>>41893682 #>>41900260 #>>41902262 #>>41909616 #
4. Dylan16807 ◴[20 Oct 24 07:28 UTC] No.41893614[source]
The market price is only something like 5 or 10 dollars a month, but anyone having to pay that to be accessible is an embarrassing failure of the system. It doesn't matter whether it's a big dent in the number of IPs or not.
replies(2): >>41893673 #>>41899262 #
5. Hamuko ◴[20 Oct 24 07:29 UTC] No.41893621[source]
Doesn't CGNAT also mess up things like Nintendo Switch online multiplayer?
replies(1): >>41898649 #
6. Dylan16807 ◴[20 Oct 24 07:32 UTC] No.41893628[source]
I suppose I can try that some time. I can find absolutely zero mentions of that for the ISP, just the option of buying a static IP.
7. kijin ◴[20 Oct 24 07:42 UTC] No.41893673{3}[source]
There are billions of people out there who can access the internet, and make themselves accessible through the internet the way they want, just fine without a dedicated IP address.

Maybe you have a definition of "access" that is different from the usual one. That's fine, but let's be honest, it's not the usual definition.

replies(1): >>41897465 #
8. AStonesThrow ◴[20 Oct 24 07:44 UTC] No.41893682[source]
The truth is that major cloud providers such as Amazon AWS have begun to charge [more] for static, routed IPv4 addresses.

Last I checked (a few years ago, I suppose), AWS APIs were incapable of using IPv6 internally, so a VPC still needed to dual-stack it in order to use AWS cloud features. That may have changed by now.

replies(2): >>41893774 #>>41898591 #
9. kijin ◴[20 Oct 24 08:07 UTC] No.41893774{3}[source]
IPv4 prices peaked during the Covid pandemic, presumably because of sudden high demand. Amazon took this as an opportunity to increase prices.

Now IPv4 prices are returning to pre-Covid long-term trends. But of course Amazon won't reflect that in their pricing table.

replies(1): >>41898189 #
10. Dylan16807 ◴[20 Oct 24 18:32 UTC] No.41897465{4}[source]
Someone being able to connect to their device is the definition I use. What's your definition?

Being able to relay through a third party is a different thing.

replies(1): >>41900525 #
11. kortilla ◴[20 Oct 24 19:38 UTC] No.41897924[source]
Nah, many carriers don’t support it. I’ve always had to resort to STUN
replies(1): >>41900773 #
12. throw0101c ◴[20 Oct 24 20:17 UTC] No.41898189{4}[source]
> Amazon took this as an opportunity to increase prices.

IPv4 prices peaked in early 2022; AWS started charging for public IPv4 in 2024 (announced in 2023):

* https://aws.amazon.com/blogs/aws/new-aws-public-ipv4-address...

If they had increased prices in 2022 (or at least announced in 2022), then I could see some kind of correlation, but give it was 1.5-2 years after, I doubt there is a connection.

replies(1): >>41902651 #
13. thayne ◴[20 Oct 24 21:23 UTC] No.41898591{3}[source]
Yep, lots of AWS apis don't work over ipv6, and many require making requests outside the VPC, so you need to have at least one ipv4 address for a NAT.
replies(1): >>41906107 #
14. electronbeam ◴[20 Oct 24 21:31 UTC] No.41898649{3}[source]
Nintendo should really enable IPv6 on the Switch to help with this
replies(1): >>41903376 #
15. tptacek ◴[20 Oct 24 23:09 UTC] No.41899262{3}[source]
Almost nobody (far, far less than 1% of users overall) do pay this; the system is in this regard smashingly successful by econometric standards.
replies(1): >>41900271 #
16. arp242 ◴[21 Oct 24 00:16 UTC] No.41899608[source]
The main problem I had when I was on CGNAT was not so much port forwarding (annoying, but solvable), but with being banned from all sorts of stuff. The address is shared with so many people and one person did something stupid or malicious or whatnot. Sometimes you don't even know if you're banned or not.

For better or worse, IP blocks are still very common. It's easy to complain about this, but there aren't really any good methods to deal with persistent abuse.

replies(2): >>41902787 #>>41912999 #
17. lucw ◴[21 Oct 24 02:50 UTC] No.41900260[source]
In practice the tech giants such as Google, Apple and Microsoft will dictate adoption of technology. When Chrome starts mandating or heavily recommending IPv6, adoption will reach 99% overnight. That's what happened with https: https://www.znetlive.com/blog/google-chrome-68-mandates-http...
replies(1): >>41903337 #
18. Dylan16807 ◴[21 Oct 24 02:53 UTC] No.41900271{4}[source]
The IP consolidation is reasonably successful, but it doesn't have to break port forwarding, that's laziness and negligence.
19. minitoar ◴[21 Oct 24 03:51 UTC] No.41900525{5}[source]
Most people are totally fine relaying everything through a third party. A vanishingly small number of email users host it themselves.
replies(3): >>41901361 #>>41901756 #>>41902958 #
20. matrix2003 ◴[21 Oct 24 04:50 UTC] No.41900773{3}[source]
STUN also isn’t guaranteed if the router is strict. IPv6 removes a lot of these unknown and strange ways that IPv4 infrastructure can break things.
21. josephg ◴[21 Oct 24 05:19 UTC] No.41900893[source]
> IPv4 exhaustion is a real problem, it's just not enough to motivate people much.

Well, its only really a problem if you're poor. Rich people don't care - IPs are still cheap enough when you live in a wealthy country & have a decent job.

The people affected by IP address exhaustion are largely the exact set of people who can't do anything about it.

replies(2): >>41901711 #>>41909895 #
22. IcePic ◴[21 Oct 24 06:49 UTC] No.41901361{6}[source]
But is it "well off people not having a problem paying a buck or two directly or indirectly to an american corporation to be able to bounce traffic" which you refer to as "most people"? I can see how a few billion other people would have problems with that concept for many reasons apart from the obvious financial one.

And for everyone that does pay this "internet tax", it only strengthens the position of said corporations to be able to buy up even more of the available routable ips. It's not hard to see that the end result is very much not in the consumers favor, regardless of how unnecessary it feels for customers currently to have a real ip when all they want is kitten animations on social media.

23. nlitened ◴[21 Oct 24 07:51 UTC] No.41901711[source]
What country is that where poor people can’t afford an IP address? Is it a real place?
replies(1): >>41902104 #
24. immibis ◴[21 Oct 24 08:02 UTC] No.41901756{6}[source]
This is a problem.
25. josephg ◴[21 Oct 24 09:07 UTC] No.41902104{3}[source]
From the article, IPv4 only has 3.03 billion unique, routable addresses. The world population is 8.2 billion. So there's only enough IPv4 addresses for 1 unique address per 3 people on the planet. But of course, in reality, huge swathes of the IP address range are held by big companies (like amazon), universities and the US military.

Its very common for whole streets or neighbourhoods to collectively share a single IPv4 address. Its required, as a result of simple math.

You'll even see this in some parts of the US and UK.

replies(2): >>41903571 #>>41904896 #
26. efitz ◴[21 Oct 24 09:33 UTC] No.41902262[source]
Why was this downvoted? It’s exactly right.

The reason that IPv6 is so lightly used is that it’s cheaper to use IPv4 + workarounds.

I’m not saying this is a good thing or a bad thing, or making any value judgment about IPv4 vs IPv6.

People and businesses don’t spend money on technology upgrades where the benefit is not measurably better than what they already have.

This is just common sense; no one wants to throw away money.

If you want people to use IPv6, then IPv4 has to fail first. As long as people keep making it work then the benefits of changing will never outweigh the costs.

BTW this is exactly the same situation as clean energy vs fossil fuel, etc. In that situation governments are actively putting their thumb on the economic scales in all sorts of ways. Again, I’m not offering a value judgment, just an observation.

replies(1): >>41903346 #
27. ozim ◴[21 Oct 24 10:02 UTC] No.41902480[source]
It is enough for Amazon/Google/FB/Netflix - they start to choke on IPv4 and they also don't want to pay up insane amounts for holding IPv4 ranges. When they switch to IPv6 they have more cheaper addressing. Once they force it down by making faster services via IPv6 all the ISPs will follow right away because everyone will want to have their Netflix/YT streams load faster.
28. orangeboats ◴[21 Oct 24 10:06 UTC] No.41902496[source]
PCP is not widely deployed in South East Asia at the very least. Relying on it is not feasible.
29. bluGill ◴[21 Oct 24 10:33 UTC] No.41902651{5}[source]
i would expect aws needs a year or two from when they decide to charge for something new just to work out the details
replies(2): >>41902788 #>>41904078 #
30. GoblinSlayer ◴[21 Oct 24 10:55 UTC] No.41902787[source]
CGNAT is a small tor.
31. throw0101c ◴[21 Oct 24 10:55 UTC] No.41902788{6}[source]
> i would expect aws needs a year or two from when they decide to charge for something new just to work out the details

The price had already dropped, and was continuing to fall, when they announced the change, so if rising acquisition cost was the primary reason for adding the IPv4 charge, it had already went away.

I think AWS has looked at a utilization graph and sees a time their current pool is get used up at current rates and doesn't want to go through the hassle of acquiring more IPv4 addresses, regardless of cost (even if it is "cheap").

I also think that they have statistic for their www.Amazon.com storefront, and maybe are seeing a good proportion from IPv6 and so figure that there's a 'critical mass' (especially mobile).

replies(1): >>41903004 #
32. GoblinSlayer ◴[21 Oct 24 11:25 UTC] No.41902958{6}[source]
But this third party isn't free service even if it runs on ip6.
replies(1): >>41905506 #
33. bluGill ◴[21 Oct 24 11:33 UTC] No.41903004{7}[source]
There is a lot of lag in decisions like this so price falling isn't enough to say anything.
34. pmarreck ◴[21 Oct 24 12:17 UTC] No.41903337{3}[source]
One can only hope.

Either this or a "killer app" use-case that requires IPv6 will push it forward significantly, IMHO.

replies(1): >>41903725 #
35. pmarreck ◴[21 Oct 24 12:18 UTC] No.41903346{3}[source]
> The reason that IPv6 is so lightly used is that it’s cheaper to use IPv4 + workarounds

Cheaper? Hetzner and other hosts give IPv6 addresses out for free and charge extra for IPv4 addresses.

replies(2): >>41903736 #>>41908461 #
36. pmarreck ◴[21 Oct 24 12:21 UTC] No.41903376{4}[source]
The network experience on Nintendo devices always seemed janky and home-grown. I feel like they built everything from scratch at corp HQ complete with wonky edge cases.
37. otabdeveloper4 ◴[21 Oct 24 12:45 UTC] No.41903571{4}[source]
In reality an IP address costs about $2 a month at market rates.
replies(2): >>41904052 #>>41904061 #
38. immibis ◴[21 Oct 24 13:03 UTC] No.41903725{4}[source]
Like high-quality video calling for free?

Companies will relay your video calls for free. For now. Basically undercutting. The only way to prevent undercutting is by the government regulation.

39. immibis ◴[21 Oct 24 13:04 UTC] No.41903736{4}[source]
And if you want PI addresses, they exist for IPv6 only.
40. josephg ◴[21 Oct 24 13:38 UTC] No.41904052{5}[source]
So? Is your argument that it’s so cheap that everyone should get an IP? That would be mathematically impossible.

If more people wanted an IP, the price would just rise. The same percentage of people (less than 1/3) would have one. They would just pay more.

It’s like buying land in a city like SF. Demand can change the price, but the supply remains the same.

replies(1): >>41904366 #
41. ta1243 ◴[21 Oct 24 13:39 UTC] No.41904061{5}[source]
Because of two technologies

1) CG-NAT

2) IPv6

You literally can not have one unique IPv4 address per mobile phone.

42. ta1243 ◴[21 Oct 24 13:41 UTC] No.41904078{6}[source]
AWS is seeing growth rates reduce and needs to pump up their revenue.

They're moving onto the "squeeze" part of the cycle.

43. otabdeveloper4 ◴[21 Oct 24 14:10 UTC] No.41904366{6}[source]
The argument is that migrating to IPv6 isn't worth anyone's time. (Except for maybe CG-NAT operators.)
replies(1): >>41906798 #
44. nlitened ◴[21 Oct 24 14:57 UTC] No.41904896{4}[source]
What you're saying is similar to "there's limited amount of SWIFT codes", not enough for each person on earth, so each person cannot have their own bank to receive money transfers.

True, but each person does not need to have their own bank to send or receive money, they can have an account within a bank of their preference, and use that extra information to route money transfers precisely.

"But they can't route money directly" — most people will never need to.

replies(1): >>41909878 #
45. minitoar ◴[21 Oct 24 15:59 UTC] No.41905506{7}[source]
What? I don’t write a check to Google to use their email. It’s free.
46. cyberax ◴[21 Oct 24 17:05 UTC] No.41906107{4}[source]
You can use NAT64, it works with all the AWS services. Although it's pretty stupid that services like ECR don't have IPv6.
replies(1): >>41906812 #
47. Dylan16807 ◴[21 Oct 24 18:17 UTC] No.41906798{7}[source]
The number of people behind CGNAT is huge and rising. It's collectively worth it. And really not that much effort. (If your internal business network is sufficiently entrenched you don't have to change it.)
48. thayne ◴[21 Oct 24 18:18 UTC] No.41906812{5}[source]
NAT64 requires you to have a NAT with a public ipv4 address. Or possibly pay to use someone elses NAT.
replies(1): >>41907123 #
49. cyberax ◴[21 Oct 24 18:47 UTC] No.41907123{6}[source]
AWS supports NAT64 automatically if you have an Internet gateway attached, you just need to set it up in the VPC settings.
replies(1): >>41907924 #
50. thayne ◴[21 Oct 24 20:00 UTC] No.41907924{7}[source]
https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway...

Says you need to have an AWS NAT for that to work. And AFAIK, setting up a NAT requires an ipv4 elastic ip.

And it makes since that AWS would want customers to have their own IP for NAT64, so that if one customer does something to get the ip address blocklisted it doesn't impact other customers.

replies(1): >>41910308 #
51. efitz ◴[21 Oct 24 20:57 UTC] No.41908461{4}[source]
Most people don’t need a public IPv4 address and can live with CGNAT.

For the relatively small number of people who do need public addresses, renting them from a cloud provider or buying blocks at auction are still economically viable, in comparison to the capital costs of upgrading everything that needs upgrading to support IPv6-only.

52. James_K ◴[21 Oct 24 23:26 UTC] No.41909616[source]
This isn't necessarily true. The scarcity of IPv4 addresses could very well induce a lack of demand and decrease the price. You wouldn't dream of developing a technology that requires people to have an individual IP address, so you don't. This massively reduces the demand for v4 addresses. It's not as if there are users out there who will demand the features you can't implement, and it's not as if you could fund the entire IPv6 network by yourself to bring about those features. Then ISPs have no reason to support v6 because no customers demand it. Instead of increased price, the cost is paid through decreased service. Think of a congested road network. It could be well worth it to build some more roads and ease congestion, but if there is no one in the system willing to pay for it, everyone will suffer.
53. josephg ◴[22 Oct 24 00:09 UTC] No.41909878{5}[source]
Yeah I hear the argument that CG-NAT is fine for most people. It’s true, but kinda sad. It means most people won’t be able to run home servers, or learn to be the server for a multiplayer video game, or all sorts of other things I took for granted when learning the craft. It kinda locks in, technically, the consumer and producer relationship between computers on the internet. And for no good technical reason - just a quirk of history. CGNAT is usable; but it’s sad.
54. selcuka ◴[22 Oct 24 00:12 UTC] No.41909895[source]
Remember rich people wants to sell stuff to poor people, so if it's a problem for poor people then it's also a problem for the rich.
replies(1): >>41911630 #
55. cyberax ◴[22 Oct 24 01:30 UTC] No.41910308{8}[source]
Yes, you're correct.

Though I don't think AWS cares too much about IP blocklist, you can always just get another elastic IP at any moment.

56. josephg ◴[22 Oct 24 06:08 UTC] No.41911630{3}[source]
True. But CG-NAT is mostly fine for disempowered consumers.
57. Arnt ◴[22 Oct 24 10:43 UTC] No.41912999[source]
Ah… that makes it sound as if we've reached a phase where IPv6 has no significant problems and saves a little bother compared to IPv4. Switch to v6 ⇒ escape false alarms from tools like fail2ban.