On Fri, Jun 21, 2019 at 10:01:47PM -0500, David Wright wrote:
> On Wed 19 Jun 2019 at 04:23:15 (+1200), Richard Hector wrote:
> > On 19/06/19 4:12 AM, David Wright wrote:
> > > On Mon 17 Jun 2019 at 10:38:27 (-0400), Gene Heskett wrote:
> > 
> > >> But that opens yet another container of worms. If I arbitrarily assign 
> > >> ipv6 local addresses, and later, ipv6 shows up at my side of the router, 
> > >> what if I have an address clash with someone on a satellite circuit in 
> > >> Ulan Bator.  How is that resolved, by unroutable address blocks such as 
> > >> 192.168.xx.xx is now?
> > > 
> > > Seems a good reason not to bother setting up ipv6 local addresses
> > > until we (you and I) understand it and ever see ipv6 on this side
> > > of the modem. I'm not holding my breath.
> > 
> > If you never try setting it up, when do you expect to understand it? And
> > I see IPv6 on my side of the modem; I suspect many others do too. I
> > expect you'll get it sooner or later.
> 
> What's more relevant to me is not when IPv6 is made available to me, but
> when IPv4 is withdrawn. Until then, I have IPv6 disabled in the router.

This is not quite the case. Here is why:

IPv4 is almost entirely exhausted. In some regions it is already
exhausted. New businesses entering the marketplace who want to
advertise services on the Internet will need to either buy IPv4 on
the auction market or else live behind something called "Carrier
Grade NAT" (CGNAT).

CGNAT can be in a couple of different configurations but the most
common are as follows:

- NAT444

Three networks of IPv4:

    a) Customer's own private (RFC1918) IPv4 network.

    b) Provider's own public IPv4 network, but a much smaller number
       than the sum of customer networks.

    c) The public IPv4 Internet.

- DS-Lite

Two networks of IPv4 with an IPv6 core:

    a) Customer's own private (RFC1918) IPv4 network.

    b) Provider's IPv6 core.

    c) The public IPv4 Internet.

Now probably if you aren't already behind a NAT444 you're not going
to be put behind one, but it could happen to anyone at this point if
they switch ISPs.

So let's say you are an IPv4 hold-out who visits a small business's
site who can't afford to buy highly valuable IPv4 addresses of their
own¹. They are very possibly going to be behind a NAT444.

If you also are behind a NAT444 then that's 6 layers of NAT that
every packet traverses!

CGNAT devices are really expensive and not a great solution. They
have to hold a lot of state and any protocol that uses lots of ports
can run them out of their per-IP state limits. As the end users
either side don't have administrative control of the NAT in the
middle, it is not possible without provider assistance to set up
permanent mappings i.e. to set up servers that permanently hold an
IP;port pair.

NAT hampers the ability of end-to-end communication on the Internet.

The good news is that there is a very easy fix. Just start using
IPv6. There is no shortage of IPv6, so no reason why the newcomer
sites can't serve on v6 immediately, and if you view on v6 then you
side-step this entire CGNAT apparatus.

Now, in the North American and European market, outside of cellular
networks, it is still rare to end up behind a CGNAT. In the Asian
markets a lot of people are behind CGNAT because they ran out of v4
a long time ago. It's coming to us in Europe and North America too.

That is why the stance that, "I have IPv4 so I don't need to do
anything" is not completely correct: it's not urgent for much of the
world at present, but we will get into a situation where either one
or both sides of a given IP conversation are behind multiple layers
of NAT that they don't control, and that's bad.

It is essential though that ISPs turn on v6 and end users use it
without even knowing. That's the only way this gets done.

So I would say that most of the onus is on your ISP, but if they're
doing their bit and providing IPv6 and your side isn't just working
with it without you doing anything then that is a problem that
should be looked into.

If they aren't doing their bit and not providing v6 then I
personally would be asking why and looking around for another
provider, but it is the case that a lot of people are in a
near-monopoly without real choice of ISP.

Eventually the cost of CGNAT will force even those tardy ISPs to
push out v6 to their subscribers, because there comes a point where
that's cheaper than scaling the CGNAT.

Cheers,
Andy

¹ To give you some idea of how valuable, I looked up what IPv4
  addresses are selling for today, and it's about $40k per /21. That
  means that my business's most valuable asset as of today is its
  IPv4 addresses. How will new businesses cope? I didn't have $40k
  when I started my business.

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting
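
Added example, not part of the original message: a small Python check for which of the arrangements described above (ordinary home NAT, NAT444, DS-Lite) your IPv4 traffic most likely passes through, based on three addresses you observe yourself. The function names, labels and sample addresses are constructed here. It assumes a provider running NAT444 numbers the customer routers from RFC 1918 space or the RFC 6598 shared range 100.64.0.0/10, which the message does not state.

```python
import ipaddress

# RFC 1918 private space, plus the RFC 6598 shared space (100.64.0.0/10)
# reserved for the links between customer routers and a carrier-grade NAT.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGN_SHARED = ipaddress.ip_network("100.64.0.0/10")


def classify(addr):
    """Return 'ipv6', 'rfc1918', 'cgn-shared' or 'public' for one address."""
    ip = ipaddress.ip_address(addr)
    if ip.version == 6:
        return "ipv6"
    if any(ip in net for net in RFC1918):
        return "rfc1918"
    if ip in CGN_SHARED:
        return "cgn-shared"
    return "public"


def diagnose(host_addr, wan_addr, seen_addr):
    """Guess the IPv4 path from three observations (hypothetical inputs):
    host_addr: a machine on the LAN; wan_addr: the router's provider-facing
    interface; seen_addr: the source address a remote IPv4 server reports.
    """
    host, wan, seen = (ipaddress.ip_address(a)
                       for a in (host_addr, wan_addr, seen_addr))
    if wan.version == 6 and seen.version == 4:
        # Heuristic: other IPv6-core transition schemes look the same here.
        return "ds-lite"
    if classify(wan_addr) in ("rfc1918", "cgn-shared"):
        return "nat444"             # router's own address is not routable
    if wan != seen:
        return "upstream-translation"  # something past the router rewrites us
    return "nat44" if host != wan else "no-nat"


if __name__ == "__main__":
    # Constructed samples using documentation ranges, not real observations.
    samples = [
        ("192.168.1.10", "100.72.3.4", "203.0.113.9"),
        ("192.168.1.10", "2001:db8::1", "203.0.113.9"),
        ("192.168.1.10", "198.51.100.7", "198.51.100.7"),
    ]
    for s in samples:
        print(s, "->", diagnose(*s))
```

A result of "nat444" or "ds-lite" means port forwards configured on your own router cannot make a service reachable over IPv4 without the provider's help.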
