• GTG3000
    link
    fedilink
    536 days ago

    “Everyone is using IPv6”

    It’s barely supported. Most providers here “offer IPv6”, but each has a different gotcha to actually using it, if it works at all and they didn’t just route you through hardware that doesn’t know what it is.

    • @[email protected]
      link
      fedilink
      20
      edit-2
      6 days ago

      What’s “here”? Here in Germany, mine has it for maybe 10 years or so. Basically since launch day.

      And new ISPs only have v6 since all legacy (v4) blocks have been sold years ago.

      • @[email protected]
        link
        fedilink
        116 days ago

        Just because you have a IPv6 address doesn’t mean you’re actually using it. At best you’re tunnelling IPv4 traffic through your carrier’s IPv6 network. Current estimates (from Cloudflare) show only about 34% of the global internet uses IPv6.

        If you only used IPv6, you wouldn’t be able to access nearly 66% of the internet.

      • Muddybulldog
        link
        English
        96 days ago

        While you may have IPv6 it doesn’t do anything if the services you utilize don’t support it.

        MANY major websites and domains have no IPv6 support. https://whynoipv6.com/

      • GTG3000
        link
        fedilink
        English
        86 days ago

        Mordor itself, Russia. Technically, most ISPs support IPv6 here but as I said each has something weird in config that makes using it… Fun. I don’t remember specifics since I’m mostly looking at it from consumer side, but I could try finding the article (in russian) that talked about it.

        My current connection doesn’t have IPv6 at all according to https://ipv6-test.com/, although I’m not 100% if it’s because of provider or Cisco AnyConnect blocking shit.

        When you when you sign up for internet here, you get a dynamic IP, it’s been that way for… As long as I can remember, really. Definitely more than ten years. I know in Moscow people used to get white IPs way back when, but that’s long gone. Not really a problem since most people don’t host anything.

        • @[email protected]
          link
          fedilink
          16 days ago

          It’s becoming more and more of a problem I’d think. Blocklists just become longer, so the more an IP is used by random people the less useful it becomes.

          I might be completely wrong about this though.

          • GTG3000
            link
            fedilink
            26 days ago

            Well, kinda-sorta. I’ve yet to hit ip block when browsing without a VPN, but VPNs and proxies definitely are getting blocked pretty consistently.

            And seeing how wonderful the situation here is right now, I’m pretty familiar with VPNs at this point.

      • @Opisek
        link
        25 days ago

        Not at all only. At times you have both IPv6 and IPv4 and other times you can still get IPv4 at no additional cost like when you run your own router or modem. The layperson will be given IPv6 by default, but it’s not the only thing you can get.

        • @[email protected]
          link
          fedilink
          15 days ago

          Yes only. Note that I said “new ISPs”.

          The older ISPs already own all IPv4 blocks, so while they can still give them out to private or professional customers, it would be stupid to sell the blocks to competitors.

    • YTG123
      link
      fedilink
      236 days ago

      Mine provides a connection, but doesn’t expose ports on v6. So I can access v6 services but can’t self-host any.

      • @[email protected]
        link
        fedilink
        56 days ago

        Huh? With IPv6 you get your own IP address, the ISP doesn’t need to know shit about ports. Your address is not behind a NAT anymore, and ports don’t need to be forwarded.

        Perhaps you mean the ISP set up a firewall that blocks incoming connections? In which case, maybe you can have that firewall disabled? ISP firewalls and “safe browsing” packages are always shit.

        To be honest though there might be some aspect to this I don’t know.

        • @[email protected]
          link
          fedilink
          English
          136 days ago

          Honestly, I was there the first time round, when everyone raw dogged the internet on a single modem per PC. I remember Blaster, and talking people through removing it in 60 second bursts as their PCs shut down over and over.

          It was carnage. The average user doesn’t need open ports on the internet, and they’ll only get their elderly machines infected instantly if they did.

        • YTG123
          link
          fedilink
          15 days ago

          No option to disable… that I found, that is.

    • @cellardoor
      link
      -117 days ago

      Time to shift providers. Vote with your wallet

      • @calcopiritus
        link
        346 days ago

        Not always possible. In Spain IPv6 adoption is at like 5%. There’s literally no ISP that offers it. I don’t even know how that 5% got it, maybe special deals.

        • @cellardoor
          link
          96 days ago

          Yes just had a look, according to Google countrywide it’s 10%. Very low, sadly. Neighboring France at 74% IPv6. Interesting to see the difference even with neighbouring countries.

        • @cellardoor
          link
          66 days ago

          Sure, in the UK we have very strict rules around competition law and broadband access. Here, fibre businesses lay fibre to premises (and are paid to do so). Then, a customer can order from any number of broadband providers, and the company who originally laid the fibre lease that line out at wholesale prices. The broadband operator runs ‘over the top’ of whoever installed the fibre.

          That way, the fibre installer makes money over time, gently and progressively. All broadband companies and smaller ‘Alt-Nets’ as we call them, have an equal opportunity to a customer base. Finally the customer has the choice to find services matching their needs and price points. Pay a lot get a lot, pay less get less.

          I think I have a choice of 6. Names which come to mind are EE, Vodafone, Virgin, Trooli, Cuckoo and Orange.

          • @[email protected]
            link
            fedilink
            English
            56 days ago

            Meanwhile, in the US, the government paid ISPs for fiber to be ran and they just pocketed it instead.

            Now we’ve got smaller companies running fiber and charging less for synchronous gigabit than you’d pay for copper 500mb down 5mb up, and ISPs are panicking a bit.

            All the fiber maps have big empty zones where apartment complexes are, sadly.

        • @[email protected]
          link
          fedilink
          56 days ago

          Here in Greece, we have three providers, but I don’t want to change, since we pay very little money to the one I am in right now in return of slower speeds (5 Mbps download, 0.5 Upload).

          • @Aux
            link
            86 days ago

            5Mbps? OMG…

            • @[email protected]
              link
              fedilink
              36 days ago

              While I agree that it’s awfully low nowadays, kudos to them if they know that’s all they need.

              • @Takumidesh
                link
                16 days ago

                5 Mbps is slow enough that it should be considered a free tier, like, basic service for being alive tier.

      • KillingTimeItself
        link
        fedilink
        English
        146 days ago

        move providers? Where, to who? There is currently one provider where i live, soon potentially to be two. Though it’s not finalized yet, nor constructed, so for all intents and purposes, it’s just the one provider.

      • JackbyDev
        link
        fedilink
        English
        66 days ago

        As soon as fiber covers the final < 0.5% of my city with fiber (🤞 but I doubt it will happen) I’ll switch off of cable. Until then I can use cable with one provider or DSL with another.

  • @[email protected]
    link
    fedilink
    45
    edit-2
    6 days ago

    Why should we care? So address space may run out eventually - that’s our ISPs’ problem.

    Other than that I actually don’t like every device to have a globally unique address - makes tracking even easier than fingerprinting.

    That’s also why my VPN provider recommends to disable IPv6 since they don’t support it.

    • @[email protected]
      link
      fedilink
      English
      287 days ago

      Because people in countries with ISPs that are unable to provide IPv4 (e.g. too expensive) can’t access GitHub easily.

    • @[email protected]
      link
      fedilink
      56 days ago

      that’s our ISPs’ problem

      If the Internet means for you a way to access Facebook, Netflix, Google and YouTube, yeah.
      But if it means a network to send something to another computer then it’s a huge problem.

      Because ISP won’t care if you can accept connections or not. They don’t care about decentralization and being able to host stuff yourself. Most consumers just want a pipe to big services and not to their friend’s house.

    • @[email protected]
      link
      fedilink
      5
      edit-2
      6 days ago

      the only reason i can think of is cgnatting ipv4 because of depleted pool. otherwise yea.

      i believe you can NAT ipv6 too, i mean so you use the router’s address only?

      • @Avatar_of_Self
        link
        English
        36 days ago

        You’d better hope that you can NAT ipv6 because if you aren’t behind a CGNAT and then your LAN is completely exposed without a NAT you’re very likely going to have devices exploited.

        NATs on people’s boundary has been doing pretty much all of the heavy lifting for everyone’s security at home.

        • @orangeboats
          cake
          link
          26 days ago

          The word you are looking for is firewall not NAT.

          NAT does not provide security whatsoever. If the NAT mapped your (internal IP, internal port) to a certain (external IP, external port) and you do not have a firewall enabled, everyone can reach your device by simply connecting to that (external IP, external port).

          I haven’t seen routers that do not come with IPv6 firewalls enabled by default.

          • @[email protected]
            link
            fedilink
            1
            edit-2
            6 days ago

            everyone can reach your device by simply connecting to that (external IP, external port)

            to be fair thats the setup most people run when they open ports.

          • @Avatar_of_Self
            link
            English
            0
            edit-2
            6 days ago

            The word you are looking for is firewall not NAT.

            No the word I’m looking for is the NAT. It was not designed for security but coincidentally it is doing the heavy lifting for home network security because it is dropping packets from connections originating from outside the network, barring of course, forwarded ports and DMZ hosts because the router has no idea where to route them.

            Consumer router firewalls are generally trash, certainly aren’t layer 7 firewalls protecting from all the SMB, printer, AD, etc etc vulnerabilities and definitely are not doing the heavy lifting.

            By and large automated attacks are not thwarted by the firewall but by the one-way NAT.

            • @orangeboats
              cake
              link
              16 days ago

              Consumer router firewalls are generally trash

              [Citation needed]

              They are literally piggybacking on the netfilter module of Linux. I don’t see how that’s trash

              • @Avatar_of_Self
                link
                English
                1
                edit-2
                6 days ago

                They are not layer 7 firewalls for the network which are going to be where most the majority of attacks are concentrated. No citation needed unless you believe they are layer 7 firewalls or using something like Snort.

                Added some clarification in my first sentence so it makes a bit of sense.

                • @orangeboats
                  cake
                  link
                  16 days ago

                  Wait, why are we talking about Layer 7 when NAT and firewalls are Layer 4 at best?

    • @Aux
      link
      16 days ago

      That’s the dumbest thing I’ve read today… Your ISP is fleecing you and you’re happy with it.

      • @[email protected]
        link
        fedilink
        06 days ago

        What the fuck are you talking about? My ISP supports IPv6 just fine, but following my VPN’s advice I disable it (on certain devices at least) for privacy concerns. And it makes exactly zero difference in functionality.

        • @Aux
          link
          26 days ago

          OK, not your ISP, but your VPN is shit.

          • @[email protected]
            link
            fedilink
            2
            edit-2
            6 days ago

            It’s Proton VPN. Lack of IPv6 support is a downer but I wouldn’t call them shit.

            Edit: maybe elaborate why you deem IPv6 so crucial? As I said: everything works just fine without.

  • @bigredcar
    link
    206 days ago

    Just remember we got rid of TLS 1.0 the same thing can be done with IPv4. It’s time for browser makers to put “deprecated technology” warnings on ipv4 sites.

    • @NocturnalEngineer
      link
      666 days ago

      IPv4 isn’t depreciated, it’s exhausted. It’s still a key cornerstone of our current internet today.

      We still have “modern” hardware being deployed with piss-poor IPv6 support (if any at all). Until that gets fixed, adoption rates will continue to be low. Adding warnings will only result in annoying people, not driving for improvement.

      • @[email protected]
        link
        fedilink
        English
        86 days ago

        Adding warnings will only result in annoying people, not driving for improvement.

        Given how poorly adoption has gone so far this might be the only way to get actual fast support rolled out. Piss people off, get change

      • KillingTimeItself
        link
        fedilink
        English
        76 days ago

        IPv4 isn’t depreciated, it’s exhausted.

        exhaustion probably also constitutes as “deprecated” once the utility of a system designed to be, well, useful no longer meets the usefulness quotient that it previously provided. Suddenly It’s “deprecated technology”

          • KillingTimeItself
            link
            fedilink
            English
            15 days ago

            genuine question, any reason not to just actually deprecate it then? Like just stop producing hardware that routes IPV4. Chances are there’s enough that’ll already do IPV4 it won’t be a problem, and im sure if you really needed to, you could figure something out.

  • @AeonFelis
    link
    English
    146 days ago

    I’ll start using it after I migrate to Wayland.

    • @bfg9k
      link
      296 days ago

      You shouldn’t need to remember IP addresses, they invented DNS to solve that problem lol

      Even so, the addresses can be even easier to remember because we get a-f as well as digits, my unique local subnet is fd13:dead:beef:1::/60 cause I like burgers haha

      • DefederateLemmyMl
        link
        fedilink
        English
        21
        edit-2
        6 days ago

        You do need to know it when you’re working with subnets and routing tables.

        Unless you have anything but a flat network structure with everything in one subnet, working with IPV6 is a giant PITA.

        • @bfg9k
          link
          36 days ago

          I’m curious how you normally deploy since there’s a couple of ways to do it, I’ve mostly dealt with requesting a number of prefixes from the upstream router and delegating to each subnet/VLAN as appropriate, and each time I’ve done it it’s been a breeze

          Even if you need static addressing you can just set it manually and DAD will handle it if it ever conflicts with a DHCP address, at least in my experience

          • DefederateLemmyMl
            link
            fedilink
            English
            5
            edit-2
            6 days ago

            It’s when you have to set static routes and such.

            For example I have a couple of locations tied together with a Wireguard site-to-site VPN, each with several subnets. I had to write wg config files and set static routes with hardcoded subnets and IP addresses. Writing the wg config files and getting it working was already a bit daunting with IPv4, because I was also wrapping my head around wireguard concepts at the same time. It would have been so much worse to debug with IPv6 unreadable subnet names.

            Network ACLs and firewall rules are another thing where you have to work with raw IPv6 addresses. For example: let’s say you have a Samba share or proxy server that you only want to be accessible from one specific subnet, you have to use IPv6 addresses. You can’t solve that with DNS names.

            Anyway my point is: the idea that you can simply avoid IPv6’s complexity by using DNS names is just wrong.

            • @[email protected]
              link
              fedilink
              36 days ago

              Yes. However I can just avoid using ipv6 by NATing the fuck out of my network lol. Kick that can!

              • DefederateLemmyMl
                link
                fedilink
                25 days ago

                You don’t even have to NAT the fuck out of your network. NAT is usually only needed in one place: where your internal network meets the outside world, and it provides a clean separation between the two as well, which I like.

                For most internal networks there really are no advantages to moving to IPv6 other than bragging rights.

                The more I think about it, the more I find IPv6 a huge overly complicated mistake. For the issue they wanted to solve, worldwide public IP shortage, they could have just added an octet to IPv4 to multiply the number of available addresses with 256 and called it a day. Not every square cm of the planet needs a public IP.

        • @[email protected]
          link
          fedilink
          26 days ago

          You can subnet it with the exact same rulea as IPv4, nothing is chaning there.

          Replace, for example, 192.168. with fd01::, with digits after this being divided however you like. You might step upon a too basic router that has it’s own way to assign addresses with no way to change it, but that would not be IPv6 fault.

      • @[email protected]
        link
        fedilink
        English
        5
        edit-2
        5 days ago

        Is it possible to do that for router/access point running OpenWRT?

        I have to try it when I’ll be back home.

        Edit: turns out that all devices connected to router are accessible from <hostname>.lan. I don’t remember setting it up, tho.

    • KillingTimeItself
      link
      fedilink
      English
      46 days ago

      hosts.txt

      dns, VPN setups. ETC we live in 2024, there are solutions to this problem.

    • @[email protected]
      link
      fedilink
      36 days ago

      Since I bought a domain name I do not remember IP addresses. Just like I don’t remember password since I installed password manager or not remember phone numbers since I have a smartphone.

      It’s only annoying when being on someone’s else computer without my clipboard sharing setup and need to copy an address by hand. But that’s an issue when setting something up. I would take this inconvenience while setting up than all everyday inconveniences that IPv4 created in last years.

    • @[email protected]
      link
      fedilink
      26 days ago

      You can shorten them sometimes, the neatest trifk I saw was putting leetspeak words in the address.

  • JATth
    link
    107 days ago

    I’m actually bit sad that I had to move onto a ISP which has zero IPv6 support, as I previously did have IPv6. The last thing I did on that connection was to debug the hell out of my IPv6 code I had developed.

    • zoey
      link
      fedilink
      English
      47 days ago

      I feel you, moved ISP maybe 3 months ago, only to find out I’m behind CGNAT and no IPv6…

      • @sep
        link
        57 days ago

        That should simply not be allowed. Cgnat for ipv4 is fine if they also provide proper ipv6

    • @[email protected]
      link
      fedilink
      English
      116 days ago

      IPv6 changed some things. First and foremost it has a huge address space:

      • IPv4: 4294967296 (2^32)
      • IPv6: 340282366920938463463374607431768211456 (2^128)

      Then they simplyfied some things:

      • Removed Broadcast in favor of Multicast and Anycast
      • Added autoconfiguration without a DHCP server
      • Better subnetting support

      And much more

      • JohnEdwa
        link
        fedilink
        14
        edit-2
        6 days ago

        They went just a teeny tiny little bit overboard with the address space. Ipv4 is four groups between 0 and 255, ipv6 is eight groups of four digit hex, 0000 to ffff - e.g the Google DNS ipv4 address is 8.8.8.8. the ipv6 one is 2001:4860:4860:0:0:0:0:8888 (thankfully at least some devices allow using :: to skip all the zeroes, so it’s “just” 2001:4860:4860::8888)

        But we now have enough ipv6 addresses to give more than 10 billion ipv6 addresses to every single grain of sand on earth, and still have some left over.

        • @[email protected]
          link
          fedilink
          English
          86 days ago

          They never wanted to worry about address space size again. And this makes subnetting much easier. I have a /56 allocation so I could do 256 /64 subnets. I hope that at some point home routers will have the option for seperate subnets built in. This way you could easily have guest, IoT, work or whatever networks without NAT.

          One thing you have to consider though is that the minimum network size that allows autoconf is /64 and that because of the privacy extension a device usually has 3-4 IPv6 adresses.

        • KillingTimeItself
          link
          fedilink
          English
          36 days ago

          They went just a teeny tiny little bit overboard with the address space.

          as is seemingly standard for bit range increases. y2038 is now y2,900,000,000 due to added a silly amount of bits.

      • @[email protected]
        link
        fedilink
        English
        1
        edit-2
        4 days ago
        • we already have enough IPv4 addresses thanks to stuff such as NAT and CG-NAT, these devices also protect the end-user by not directly exposing their IP to the internet
        • what’s the problem with broadcast? also afaik IPv4 also supports multicast
        • what’s the problem with IPv4 subnetting?
        • @[email protected]
          link
          fedilink
          13 days ago

          In my opinion NAT is a hack that makes lot of things harder than they should be. STUN and TURN are services that are created because there is no easy way to connect two hosts between different NATs. UPnP for port forwarding is another. CG-NAT is even worse. I have heard of so many people having problems with it.

          Breadcast is messy. It is like screaming into a room and waiting for an answer. Multicast lets the computer decide if it wants and needs to listen to a specific group message.

          IPv4 didn’t have cidr from the beginning. They only had classes. IPv6 was designed with complex routing and sub routing in mind.

    • @[email protected]
      link
      fedilink
      116 days ago

      Their ranges are running dry. Nearly all address spaces are taken, so we will need to migrate eventually. However, since almost everyone still supports both, and ipv4 is much easier to read and maintain, adoption of IPv6 has been slow.

    • KillingTimeItself
      link
      fedilink
      English
      16 days ago

      IPV4 has a static ceiling for how many addresses can exist. We’re concerningly close to that ceiling already. If we were to run out, internet suddenly becomes a fucking nightmare.

    • @[email protected]
      link
      fedilink
      16 days ago

      Imagine getting out of phone numbers, so the solutions is for everyone to call the last remaining people with public/routable numbers 24/7 so those people would redirect messages to others.

      With Internet, users does not see that easly, but if you host anything for others it’s getting harder and harder to accept incoming connections without many layers of hacks to bypass hacks that ISPs do to keep IPv4 network working.

  • @[email protected]
    link
    fedilink
    37 days ago

    I’m using ipv6 when I occasionally connect to Yggdrasil.

    And I think I’ll use ipv6 if we ever need to build a new earthnet.

    It’s a fine technology.