
The IPv6 Transition

(www.potaroo.net)
215 points todsacerdoti | 1 comments
hairyplanter No.41893537
I have fully implemented IPv6 in my home network.

I have even implemented an IPv6-Only network. It fully works, including accessing IPv4 only websites like github.com via DNS64 and NAT64 at my router.

The only practically useful thing about my IPv6-enabled network is that I can run globally routable services on my LAN, without NAT port mapping. Of course, only if the client is also IPv6.

Other than this one use case, IPv6 does nothing for me.

It doesn't work from most hotels, nor from my work LAN, nor many other places because most "managed" networks are IPv4 only. It works better at cafes because they are "unmanaged" and IPv6 is enabled by the most common ISPs, like ATT and Comcast and their provided routers.

Based on this experience, I think IPv6 is less valuable than we, the HN audience, think it is. Private networks, NAT, Carrier Grade NAT are good enough, and the internet really doesn't care about being completely peer-to-peer.

I think the adoption rate reflects this--it's a linear growth curve over the last 25 years. It should have been exponential.

I think the cost of IPv4 reflects this--it is now below the peak, and has leveled off.

As surprising as it seems, IPv4 exhaustion has not been a serious problem. Internet marches on. IPv6 is still a solution looking for a problem, and IPv4 exhaustion wasn't one of them.

koyote No.41898907
I recently moved to a 'cheap' ISP because I could get double the speed for half the price. They use CG-NAT and it's been awful.

I don't need to forward any ports but seemingly because I share an IP with a billion people I get Captchas everywhere (Google, Cloudflare etc.). I was even blocked from accessing Reddit without an account at some point.

NelsonMinar No.41899173
Starlink uses CGNAT. It's awful, I'm regularly getting CAPTCHAs on random websites.

They now support IPv6 but only with dynamic address allocations so you don't get a lot of advantages from it.

iam-TJ No.41902761
I've been using Starlink since early 2021 with IPv6 only internally. Starlink User Terminal hands out a /56 prefix (via DHCPv6) and mine has not changed in all that time so I wouldn't call it dynamic.

The User Terminal issues a router advertisement (RA) and my gateway gives itself an address in that /64 via SLAAC in addition to assigning itself an address from the /56 prefix.

If not using prefix delegation each host's address is dependent on their SLAAC policy - if not preferring stable addresses (e.g. EUI64) then of course the public address will vary (be dynamic) when using temporary "privacy" addresses.

My gateway delegates /60 sub-prefixes of the /56 and bare-metal hosts then either delegate /62 or advertise /64s from the /60 to VMs, containers, network namespaces and so forth.

As someone else described, I have my gateway also delegate ULA prefixes by changing just the first two octets of the public delegated prefix to fddc (fd = ULA, dc = "data center" :) but otherwise identical and likewise on the bare-metal hosts, etc.

ULA is used for internal services; ISP delegated prefix for anything that needs public access.

Multicast-DNS takes care of internal hostnames; everything is ${hostname}.local

There's a separate VLAN for legacy IPv4-only devices that does NAT64 using a ULA prefix.

DNS64/NAT64 for the laggards like github.com that can't grok 128 bit addresses :)

The only time I have problems with web services is when their DNS advertises an AAAA resource record but their firewall/load-balancers/servers are not configured to allow/listen on it.

1. znpy No.41912437
> Starlink User Terminal hands out a /56 prefix (via DHCPv6) and mine has not changed in all that time so I wouldn't call it dynamic.

Unless the service explicitly states that your subnet is yours or yours alone, you should assume it's dynamic.

If you start relying on the prefix not ever changing you might have a bad surprise.

And from experience, that kind of surprise always comes when you least need it.
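
The addressing scheme iam-TJ describes (a /56 split into /60s, then /62s or /64s, with an fddc ULA copy) combined with the renumbering concern znpy raises, as an added Python example that is not code from any commenter. The 2001:db8 documentation prefixes, the host index and the function names are constructed for illustration.

```python
import ipaddress as ip

def ula_mirror(prefix: ip.IPv6Network) -> ip.IPv6Network:
    """Swap the first two octets of a prefix for fd:dc, keep the rest."""
    low = int(prefix.network_address) & ((1 << 112) - 1)
    return ip.IPv6Network(((0xFDDC << 112) | low, prefix.prefixlen))

def plan(delegated: str, host_index: int) -> dict:
    """Carve one bare-metal host's slice out of the ISP-delegated /56."""
    pd = ip.IPv6Network(delegated)
    if pd.prefixlen != 56:
        raise ValueError("expected a /56 delegation")
    host60 = list(pd.subnets(new_prefix=60))[host_index]  # 16 /60s per /56
    return {
        "host": host60,
        "delegable_62": list(host60.subnets(new_prefix=62)),  # 4 per /60
        "lan_64": list(host60.subnets(new_prefix=64)),        # 16 per /60
        "host_ula": ula_mirror(host60),
    }

def renumber(addr: str, old: str, new: str) -> ip.IPv6Address:
    """Move an address to a new delegation, keeping the subnet and
    interface bits that sit below the delegated prefix length."""
    a, o, n = ip.IPv6Address(addr), ip.IPv6Network(old), ip.IPv6Network(new)
    if a not in o or o.prefixlen != n.prefixlen:
        raise ValueError("address not in old prefix, or lengths differ")
    return ip.IPv6Address(int(n.network_address) | (int(a) & int(o.hostmask)))

if __name__ == "__main__":
    OLD = "2001:db8:1200::/56"   # constructed sample delegation
    NEW = "2001:db8:ab00::/56"   # constructed replacement delegation
    before, after = plan(OLD, 1), plan(NEW, 1)
    print("host /60      :", before["host"], "->", after["host"])
    print("ULA mirror /60:", before["host_ula"], "->", after["host_ula"])
    print("service addr  :", renumber("2001:db8:1200:11::53", OLD, NEW))
```

Because the ULA copy is derived from the public prefix, it changes whenever the delegation does, so firewall rules and DNS records keyed to either prefix have to be regenerated from the current delegation rather than hard-coded.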