by unethical_ban 1723 days ago
I dug into IPv6 a few weeks ago. If you learn it from the ground up, as if you were first learning IPv4, it truly is not more complicated than IPv4+ARP. Length of address may be a reason people don't look at it at first, but if you look at it from an engineering perspective, it makes sense.

The only thing I don't like about it, is how they created SLAAC (a way for a client to auto-configure its own IP address without DHCP) - but didn't enable routers to provide DNS information.

Therefore, in any useful deployment, you need to deal with SLAAC for IP allocation, and DHCPv6 for DNS information.

Outside of that, the spec is pretty decent.

----

Also, damn every ISP and every router company that doesn't 100% support IPv6. Shockingly, this includes Ubiquiti, which is "supposed" to be medium-enterprise grade.

ISPs and endpoint network devices are the only reason we don't have IPv6 more prevalent, combined with NAT, CGNAT etc. being good enough to keep the net hobbling along.

8 comments

As of a few years ago you don’t need DHCPv6 to announce DNS servers.

Router advertisements can announce a recursive DNS server (RDNSS) which local clients might like to use, eg:

https://github.com/radvd-project/radvd/blob/master/radvd.con...

Bad luck though if you are using, ahem, AIX or Windows Phone:

https://en.m.wikipedia.org/wiki/Comparison_of_IPv6_support_i...
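
An added example, not part of the thread or of radvd: a Python parser for the RDNSS option (type 25, RFC 8106) that a Router Advertisement carries, plus a check of the advertised resolvers against the ones you expect on your network. The function names and the sample RA are constructed for illustration; `2001:db8::53` is a made-up documentation address and the ICMPv6 checksum is not verified.

```python
import ipaddress
import struct

RA_TYPE = 134        # ICMPv6 Router Advertisement
OPT_RDNSS = 25       # Recursive DNS Server option (RFC 8106)
RA_HEADER_LEN = 16   # ICMPv6 header (4 bytes) + fixed RA fields (12 bytes)


def build_sample_ra() -> bytes:
    """Constructed sample RA: MTU option, then RDNSS with two resolvers."""
    header = struct.pack("!BBHBBHII", RA_TYPE, 0, 0, 64, 0, 1800, 0, 0)
    mtu = struct.pack("!BBHI", 5, 1, 0, 1500)
    servers = ["2606:4700:4700::1111", "2001:db8::53"]  # second one is made up
    rdnss = struct.pack("!BBHI", OPT_RDNSS, 1 + 2 * len(servers), 0, 600)
    rdnss += b"".join(ipaddress.IPv6Address(s).packed for s in servers)
    return header + mtu + rdnss


def parse_rdnss(ra: bytes):
    """Return [(lifetime_seconds, [IPv6Address, ...])] for each RDNSS option."""
    if len(ra) < RA_HEADER_LEN or ra[0] != RA_TYPE:
        raise ValueError("not a Router Advertisement")
    found, off = [], RA_HEADER_LEN
    while off < len(ra):
        if off + 2 > len(ra):
            raise ValueError("truncated option header")
        opt_type, opt_len = ra[off], ra[off + 1] * 8  # length is in 8-byte units
        if opt_len == 0 or off + opt_len > len(ra):
            raise ValueError("bad option length")
        if opt_type == OPT_RDNSS:
            # 8 bytes of type/length/reserved/lifetime, then 16 bytes per address
            if opt_len < 24 or (opt_len - 8) % 16:
                raise ValueError("malformed RDNSS option")
            (lifetime,) = struct.unpack_from("!I", ra, off + 4)
            addrs = [ipaddress.IPv6Address(ra[p:p + 16])
                     for p in range(off + 8, off + opt_len, 16)]
            found.append((lifetime, addrs))
        off += opt_len
    return found


def unexpected_resolvers(ra: bytes, allowed):
    """Advertised resolvers (lifetime > 0) that are not in the allowed set."""
    ok = {ipaddress.IPv6Address(a) for a in allowed}
    return [a for life, addrs in parse_rdnss(ra) if life > 0
            for a in addrs if a not in ok]
```

A lifetime of 0 tells clients to stop using the listed resolvers, which is why `unexpected_resolvers` skips those options.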

> The only thing I don't like about it, is how they created SLAAC (a way for a client to auto-configure its own IP address without DHCP) - but didn't enable routers to provide DNS information.

There is RDNSS for router advertisements used with SLAAC, although it wasn't there initially and support for it might be lacking yet.

> Also, damn every ISP and every router company that doesn't 100% support IPv6.

It's extra development and extra testing (in fact it's way more testing due to the combinatorial explosion of IPv4/IPv6 interface schemes).

That comes at a cost.

> ISPs and endpoint network devices are the only reason we don't have IPv6 more prevalent, combined with NAT, CGNAT etc. being good enough to keep the net hobbling along.

ISPs & endpoint devices are the majority of the Internet, as far as complexity is concerned. Upgrading the equipment for HW-acceleration of IPv6 (parity with IPv4) is very costly.

In what way doesn't Ubiquiti support it? I'm using only Ubiquiti gear at home, and my network is fully IPv6.

My router is an Edgerouter by the way.

I do recall seeing some of the configuration wizard stuff not having options for IPv6 in the past, but that's just for initial configuration anyway. Once you are done with that you do everything from the config tree anyway.

If you configure an EdgeRouter completely through the command line then yes it does support it. The web UI though, is completely missing things like IPv6 firewall if you just quickly want to add a rule with a few clicks.

On the Unifi gear, the IPv6 UI that is there is marked "beta"

Thanks for the information. Since my firewall configuration is a bit more complex than what was supported by the simplified UI I never really used it.

Just to be clear, one can configure the IPv6 firewall through the UI. One just has to use the config-tree rather than the easy firewall configuration.

The unifi UI can't even display the IPv6 addresses of WAN interfaces!

> Therefore, in any useful deployment, you need to deal with SLAAC for IP allocation, and DHCPv6 for DNS information.

Until Windows 10 this was correct, but now that Windows also supports RDNSS in Router Advertisements that is no longer the case.

My home network has been running SLAAC without DHCPv6 for years now.

How important is it for networks to provide DNS servers? Couldn't a device usually get away with just using 2606:4700:4700::1111 or 2001:4860:4860::8888 all the time with SLAAC? Also, what about RDNSS?

DNS is even more crucial with v6.

So, I was less aware of RDNSS. That makes one of my complaints moot.

DNS is critical. I'm not talking about registering an endpoint into a local DNS server (mydesktop.local), I'm talking about the endpoint knowing who to ask about google.com.

I know DNS itself is critical. I'm asking whether network-provided DNS is critical, or if using well-known DNS servers like Google's or Cloudflare's would be good enough on most networks.

Do those return the correct CDN servers matching your geographical location and/or ISP? I didn't try Google or Cloudflare specifically, but I did experimentally use some other DNS provider for a while, until I eventually ran into the problem that by doing so I got the "wrong" set of servers for anything hosted on Akamai, where the route between my ISP and those specific Akamai servers was grossly overloaded in the evenings.

Switching back to my ISP's DNS meant getting a more suitable set of Akamai servers and reasonable download speeds again.

> Also, damn every ISP and every router company that doesn't 100% support IPv6.

Such as Verizon who still doesn't support it on FIOS

Verizon FIOS does support IPv6 in some areas. IPv6 support has been available in my area for a couple of years.

> The only thing I don't like about it, is how they created SLAAC (a way for a client to auto-configure its own IP address without DHCP) - but didn't enable routers to provide DNS information.

That complexity is also part of why the Linux kernel's built-in support for IP autoconfig at boot time for network-based root filesystems (without using a userspace DHCP client) only supports IPv4.