My residential broadband connection here in Australia still doesn’t support ipv6. I email them about it every year or so to keep it on their radar, but “they have no plans at this time to support ipv6”.
So long as the internet keeps working, my isp won’t care. I set up a HE ipv6 bridge, but it adds noticeable latency whenever it’s used, for sites like YouTube and Netflix.
I wonder if we need regulation to force the transition. The move to v6 might never complete otherwise.
In China, all ISPs for individuals are providing a router with IPv6 support on by default. All major APPs are forced to provide IPv6 support by the government push. Let's see how the transition in China will go. https://blog.apnic.net/2019/06/06/100-by-2025-china-getting-...
Maybe they have one endpoint that is reachable via ipv4 only and see that, while you have a HE.net IPv6 address, you still have a proper US telco giving you an IPv4 address?
I would guess around half. We've bought brand new Cisco gear, which for some unholy reason didn't support IPv6. We've worked with vendors who told us that they've been supporting IPv6 for years, a decade even, but try to enable it, and you'll see that no one actually ever used it, and it doesn't work.
Amazon could perhaps do with less IPv4 addresses, if people did misuse them. I work with a client who have a public IPv4 address associated with every single EC2 instance they have, despite only 5% of them have public facing services. They just got in the habit of assigning a public IP I guess.
So you have everything in a public subnet? That's asking for trouble.
Sure, if you have a tiny deployment you may not care (and the NAT fees may be a significant portion of that).
At some point, the NAT fees are noise - it amounts to ~ a dollar per day in us-west-2. Data processing charge is $0.045
It becomes way more valuable to ensure IT security, regulators and auditors that no, no inbound connections are allowed no matter what anyone does with the security group rules.
Also note that the AWS managed NAT gateways haven't been there forever. The option, before they were available, was to use one or more of your instances to NAT traffic. That's still available and could be an alternative, while reducing your potential footprint.
NAT doesn't add any additional security, Security Groups are fantastic at allowing you define your ingress/egress between instances and protecting them from harm.
All my instances get an IPv4 address an an IPv6 address by default so that there is parity. The fact that the IPv4 address still goes through some sort of NAT on AWS's side (1:1 but still NAT) kind of bothers me.
Cause all my services bind to a private IP on the inside. I don't see the real IP that it is receiving traffic on.
Also, if I have multiple IP's with EIP's attached so I can host multiple services (with unique IP's) I have to write automation to make sure I bind the service to the right internal private IP for the appropriate external IP address. It'd be much better if the IP address were routed directly to my EC2 instance.
> I have to write automation to make sure I bind the service to the right internal private IP for the appropriate external IP address.
Isn't that done in a more straightforward fashion by AWS loadbalancers? AWS load balancer IPs and ports on one side, listeners on the other side talking to your instances - if the instances are also in auto-scaling groups, there's zero automation needed after you set this up.
Plenty of networking gear has trouble with it. IPv4 is just so easy to keep using and IPv6 support is often treated as an after thought. I had troubles with my Ubiquiti gateway using IPv6 and the forums often recommend just disabling it. Some features don't work correctly with IPv6 even now.
Google/Nest wifi did a good job of just making IPv6 enabled by default for all consumers.
Imagine that you have two ways of addressing your system.
1) Allows you to access almost 100% of your potential customers.
2) Allows you to access around 35% of your potential customers.
Especially if that one with 35% of my customers provides me with lower latency, higher throughput and costs me less in CPU time/power to run my traffic across.
The rest of the people I need to eat the cost for...
I believe most home ISP doesn't support IPv6 in many countries like Canada. Thus, resulting in IPv4 still being considered as "default".
Also, with the increasing numbers of devices connected everyday, we're running out of IPv4. Think of the demand vs supply curve (demand high, supply low, result = higher price/ip)
Most is incorrect. Many big ISPs support IPv6. The IPv6 charts notice more IPv4 when people are working, and IPv6 while people at home (nights and weekends) because so many ISPs do support IPv6 and it just works. The big cable ISPs and the big cell phone (not sure if all, but some at least) support IPv6 to everyone and have been doing it for a long time because it just works (they had to do some effort early to get it to work).
I have noticed that when looking at the internal IPv4 address of my phone. What's the technical difference between Carrier Grade NAT and "traditional" NAT?
From what I can tell it is just the power. Traditional/home NAT runs on low powered computers. CNAT is the same thing, but with very powerful computers with a lot of memory so they can handle thousands of users (possibly each with gigabit internet connections!) behind one IP address.
The graph of IPv6 adoption over time on that page [1] is pretty cool because you can see the average jump up with COVID. I'd assume that means residential internet is more likely to use IPv6 over cell or work internet.
More precisely, the repos; When you activate IPv6 on Debian, then apt-get (the package manager) is extremely slow. This is because it first tries to reach a repo in IPv6, then after 30s falls back to IPv4. If you disable IPv4, it is lightening fast. Many services behave the same way, to the point that computers are generally faster on IPv4.
Maybe it changed recently but it wasn’t the case for the last 10 years and I’ve quit trying, and I’m not knowledgeable enough to configure the Debian system far from the defaults.
Edit: Maybe it is my ISPs who don’t support IPv6, which makes it hard to improve because the problem is invisible for, for example, Debian developers who work on IPv6 support.
My residential connection at home. "Switch to another provider" is not an option, since there are no other broadband providers near me. (and no DSL does not count as broadband)
Residential and SOHO gateways usually don’t offer much configuration for ipv6, and it’s generally an afterthought in their interfaces, even if it is increasingly being used.
Zoom into 2020, and you can clearly see when the lockdowns due to the pandemic start on that chart. The other interesting artifact is that it looks like IPv6 network rollout tends to almost exclusively happen in the April-July timeframe.