I'm ignorant on these things, so please inform me - but given IPv6's awful adoption rate, and given how foreign it's numbering scheme is to many, why can't we introduce IPv7 and just extend the IPv4 scheme with additional octets?
Something like 0.0.0.0.0.0.0 and everything without the correct number of octets just gets filled with zeros. So 192.168.0.1 becomes 0.0.0.0.192.168.0.1. Then also don't give out /8's to universities and the like (repeating old mistakes).
This is probably naive, but it seems it would be easier for people to use vs. 2661:919a:023e:911a:44dc:f656:233e:8816
Because the problem is not the numeric representation. The problem is when you get a message from 1.0.0.0.1.1.1.1 to 0.0.0.0.192.168.0.1, and 192.168.0.1 is an IPv4 only device, what are you going to tell 192.168.0.1 about the source address? There's only a 32 bit field in the protocol.
Are you going to lie and tell it it's 1.1.1.1? Congrats, you've just reinvented NAT. Enjoy your stateful boundary system and all that complexity again.
Are you going to add some extension to IPv4 and try convince everyone to upgrade all their hardware, software and configurations? Then you have the exact same problem IPv6 adoption had, except IPv6 adoption is at like 45% globally and your new scheme is at 0%: https://www.google.com/intl/en/ipv6/statistics.html
If you have some other idea, make sure to check it against the list of IPv6 transition mechanisms before commenting - it probably exists for IPv6, and ultimately all of them have been displaced by dual stacking: https://en.wikipedia.org/wiki/IPv6_transition_mechanism
IPv6 is 128 bits... so we already made a change. Why can IPv7 not be 128 bits as well, but vastly more readable/recognizable than IPv6. Hex is hard on the eyes, especially for those who don't stare at it all day.
The move to hex is to avoid people having to memorise all these offhands like "so a /27 is x.x.x.0-31". Instead every "4" in the subnet is another digit.
But also do you think 24414.64517.21200.44298.46574.49887.23623.7394 is really that much easier to type? Or 231.22.96.68.14.229.38.41.242.44.72.220.156.50.232.95 if you keep to 8 bit octets?
Maybe I'm weird, but I do in fact think that is easier. People memorize long numbers all the time, such as SSN, phone numbers, account numbers, credit card numbers, etc. People are not very good at memorizing lengthy alphanumeric sequences such as randomized passwords. I don't know why, but it "just is".
But -
Point taken. It does seem in practice though people will still have a need to memorize/recognize addresses for various purposes, such as administration/dns/etc.
It's easy. Long sequence of 10 possible tokens that we're always used to seeing together. Easier to memorize because you subconsciously use any patterns you notice, and with just 10 possibilities the patterns are there. And you've been reading sequences of digits since you were old enough to get given pocket money.
Vs long sequence of 16 possible tokens, of which 10 belong in one cognitive group and 6 in another. The extra 6 you've never memorized before in random order because they're for representing your language and that has other ingrained patterns.
Let's not forget they admitted ipv6 addresses are too long and allow you to skip parts of it so now you have to count the colons carefully...
You don't understand why a sequence of 39 digits might be harder to memorise than sequences of 10? 16 is longest of the examples that people actually memorise (no, people are not memorising their bitlocker keys), and even then they have 1 example that lasts at least 5 years to deal with, instead of however many IP addresses they have to deal with.
Also many of my account numbers and my nations equivalent of a SSN are alphanumeric so 36 vs 16 choices.
I could be wrong, but I do not think it's easier to remember 45465465464938259 then it is to remember the lyrics to a popular song. Now I assume there is some sort of brain difference playing here. But while looking it up most popular memorization strategies are either ram it into your head with repetition or converting it to songs, rhymes, poems, or other word phrases.
It's quite easy to remember things like "Mmm-mmm, went the little green frog one day".
I mean... yes, actually; I can type those blindly on a normal numpad. I'm sure somebody somewhere has made a hex number pad, but realistically on any normal keyboard entering hex means going back and forth between number and letter keys.
On QWERTY layouts, you can type ABCDEF with your left hand and 0123456789 with your right hand on the num pad.
That would be really convenient if : weren't in the middle of the keyboard. Maybe hardcore IP typists need an alternate keyboard layout where * maps to :
Speaking of which, the slash notation has not gone away in IPv6 notation.
At least the user networks are /64s, so, to some degree, CIDR notation isn't relevant for someone just trying to set up their system - netmask is now always 64 bits. And sure, ISP/Network Engineers still care about /56, /48, /32, etc... but that's their day, and takes about a week to have it ingrained in a way that you almost never could with IPv4.
Microsoft did. The first example is pretty much what bitlocker recovery keys are.
I think two major problems that IPv6 failed to account for are the unreasonable ambiguity and "global registry" proposed by the Unique Local Address range, e.g. fc00::/7. This was even after having the opportunity to fix the previous mistakes in the fec0::/10 range.
It was entirely inappropriate for small scale personal networking and assumed an "administrative scope" that's too cumbersome and without purpose for most implementations.
I wonder if a dedicated "local" network prefix with a fixed /64 mask and an operating system recognized "alias" would have been a good mechanism to introduce. Something like fec0::/64 with an option to call it "local::". Then you might be able to more easily move from a world of 192.168.10.1, 192.168.10.2 to a world of local::1, local::2, that being translated to fec0::1 and fec0::2.
What do you mean by global registry? ULAs do have a local bit, by setting it to 1 (i.e., fd00::/8) you can have your own ULA range. I am using ULA in my own home network.
Right, and the local bit being 0 is currently undefined, but the original and lasting idea (apparently) is to create a central registry for it, so that in some future case where you have to merge corporate networks with their own ULAs there is zero chance that there would ever be a collision between the two.
Even in so far as the local bit being 1, there have been at least two attempts to create a "voluntary global registry" for your randomly generated prefix, mostly for the same "collision avoidance" stated above.
In either case, somewhat unintuitively, those are still _global_ addresses, and don't have the same level of "non local routing" restrictions that the RFC1918 address space explicitly gained.
It's been a mess, and at some point, the IETF just seems to have given up on it.
Like most things people don't like about IPv6, you don't like this because you misunderstand how it's supposed to work.
There is no need for a ULA registry because you're supposed to pick a random prefix within the ULA space. The ULA space has 7 bits already defined, so you're picking a random prefix from a space 57 bits big. The chance that you will pick the same prefix as some other specific person is effectively zero.
(the birthday paradox does not apply because we don't care if your prefix matches anyone else on earth, just the one specific person/organization that you want to merge networks with).
Err, what? ULAs are routable and "global" addresses in exactly the same way that RFC1918 addresses are routable and global. They are valid addresses within the address space and the only thing that makes them "not globally routable" is that all routers have certain prefixes baked into the firmware as non-routable. If you don't trust your router not to route them for IPv6, why do you trust it for IPv4?
Thanks for explaining my own motivations to me, while at the same time denying that any discussed changes are relevant to anyone.
I was merely summarizing what the public opinion on the matter happens to currently be. Which suggests that the current recommendation to pick a random address and be happy with it is inadequate. The original posts dissatisfaction with being able to deploy IPv6 _conveniently_ also hints that improvements would be welcome by most people.
RFC1918 explicitly defines it's addresses as local and not globally unique. RFC4193 specifies that these addresses are meant to be globally unique. RFC1918 requires a more specific level of filtering than RFC4193, and the definition of "site local" has always had some ambiguity to it.
So, within the very specific and nuanced points I was trying to make, no, they're different.
Agree with the parent that there is no need for a ULA registry for locally assigned addresses under RFC 4193 (which is every one I've ever seen). But there is that option for globally assigning addresses that I'd be intrigued to see if anyone does anything with...
Also important to note that while RFC1918 is roughly equal to RFC4193/ULA, that "site local" is another beast entirely (FECO ) that was, as you noted, ambiguous and was deprecated in rfc3879
Well -that's not entirely true. RFC4193/ULA has a Local Bit that, in my experience, is almost set to 1, so the prefix is FDxx.... At a prior company we rolled out about 25 million nodes all in RFC4193 space (non-routability was a design objective) - and, just to be within spec, we did indeed grab a random /48 for each customer instance we rolled out (and made very good use of the 65K networks we had available within that /48).
But - what if that Local bit is set to 0 - then:
Presumably there was some thought that there might be a Global Registry that the OP was referring to?Concur with the rest- and, honestly, RFC 4193 is one of the simply written RFCs out there - understandable within 30 minute read - I'd encourage everyone to dig into it.
They are meant to be globally _unique_ (or effectively so, by utilizing RNG you ensure that it is very, very unlikely for two organizations to have the same ULA), but they are not globally routable.
You gotta love how they decided to use colons as part of the notation! But, oops, that is also used for port number notations. Solution? Square brackets:
Yeah it's annoying, I've come across numerous address parsing bugs because of this.
I think the reason they needed to use a different delimiter is because IPv6 addresses can also omit entire portions of zeros as a convenience feature to shorten addresses, which means there are a subset of shortened addresses that look exactly like IPv4 if not for the delimiter.
To prevent that, you can write tons of test cases. IPv6 notation parsing and generating test cases are oodles of fun.
If you'd like to figure out a nicer representation for IPv6 addresses, go for it. You needn't break any compatibility for it, just invent a new representation.
I'd argue that the most common format such as 2001:db8::f00f is already pretty darn readable, and not hard to copy+paste when you need bare addresses. Base85 is an alternative if you'd like something that's purely optimized for fewer characters, but it only really helps with exceptionally long addresses like 2001:db8:424b:b4ff:fcb5:b643:f721:b703 becoming 9R}vSk6QzV!G$<lwB;|~
Memorize that :) Then try to tell it over the phone.
You're more than welcome to represent an IPv6 address in some other format. That's just a implementation detail in the UI. You don't need a new wire protocol to do that.
(There's already at least 4 different ways you can write an IPv4 address, and your OS is happy to accept any of them.)
Because 99.99% of people never see an IP address let alone interact with them.
Thankfully there is near-100% compliance with PTR reverse-dns for IPv6 addresses and networks. /s
How does this work in practice, does user equipment end up with dual IPv4 IPv6? if not how do they access IPv4 only sites (of which there are still plenty)?
It's just as you have described, this is called dual stacking and is currently the most common type of IPv6 deployment.
Alternatively, cellular ISPs may make use of NAT64+DNS64. In this case, the IPv4 addresses are combined with a NAT64 prefix (most likely 64:ff9b::/96), producing addresses such as `64:ff9b::198.51.100.1`. It is effectively the same as CGNAT, but pretty much everything is single stacked IPv6 up to the IPv4<->IPv6 border relay in the ISP network.
The way it's supposed to work is the ISP delegates a prefix to the user's router, the router will advertise for that subnet and client devices will use slaac to configure their ipv6 addresses. Meanwhile for IPv4 it operates as normal. For incumbent, mostly wired, Western ISPs that means a pool of IPv4 addresses and subscriber level NAT. For everyone else, that probably means CGNAT.
My ISP gives me both an IPv4 address and a heap of IPv6, most browsers will use what is called Happy Eyeballs to try both IPv4 and IPv6 at the same time and use the one that connects the fastest.
Are you going to lie and tell it it's 1.1.1.1? Congrats, you've just reinvented NAT. Enjoy your stateful boundary system and all that complexity again.
(Shrug) It works. What problem is being solved here, again?
The funding of the ipv6 commitee probably.
And porn for those who like overcomplicated 'enterprisey' solutions where they aren't needed.
Just look at your favourite game console provider's forum discussions on "NAT types" and you'll see that it really doesn't. Or try self host on CGNAT. Or realise the only direction for IPv4 prices at AWS etc. is up
Yeah, so I'm going to say that's just not true. If IPv6 had been significantly simpler (e.g. by mainly focusing on increasing the address space) then adoption would be much higher today – probably universal. The problem is that IPv6 changes a lot, and that implementing it is a fair amount of work. The entire business with tunnel brokers and other compatibility schemes are complex and difficult to use.
To completely change gears now would be silly and too late, but it's been almost 30 years and it baffles me how anyone does not consider the entire thing a spectacular failure. People use Python 3 as a warning about compatibility, but IPv6 is a much larger catastrofuck, and that's largely due to decisions IPv6 people made. Whether IPv6 is "better" or not doesn't even come in to play.
https://www.google.com/intl/en/ipv6/statistics.html ~50% worldwide with lots of countries way over that is not what I'd call awful.
Every proposal like that requires changing all the routing hardware anyway, because we effectively ran out of bits in the IP packets to mark anything new. And once you need to change hardware, you may as well just go with a better designed protocol like ipv6.
People don't use IP addresses anymore. DNS and local discovery covers this for anyone apart from geeks and IT people. If it doesn't, it's a bug at this point.
IPv6 was drafted in 1998, and ratified in 2017. 7 years after becoming "official" only 50% adoption rate world-wide is not what I would call stellar either.
Also, looking at that chart it's closer to 40%...
Industry doesn't adopt a thing until there is a need for it. In 1998, there really wasn't a need for it. Now there is. So now it gets adopted. News at 11.
Also, it's worth to keep in mind the delay on the hardware replacement. There were home routers which didn't support ipv6 even 7 years ago. And there many home routers deployed today which are over 7 years old.
Also, my provider fully supports IPv6 and so does my hardware, but I have to click a button in the control panel to activate it explicitly. That's practically around a million of people who could be on IPv6 right now if they just opted in.
I’ve noticed that the Ubiquiti UDM Pro router has IPv6 turned off by default; and I don’t really want to change the defaults, because idk, maybe something will subtly break, and in any case it works fine as-is…
It looks like it's going to be a few years until not enabling it will start subtly breaking things. ;) It's a trivial change to reverse, so if you're interested, give it a go.
Honestly... 50% in 7 years is an impressive achievement, and far from being awful. People often compare IPv6 adoption to things such as HTTPS adoption, but upgrading to IPv6 requires hardware changes on both the ISP side and the customer side, and as we all know, hardware upgrades take forever. It's not unusual to see >10yo equipment running in the wild.
Also even for HTTPS adoption - it was introduced in 1994, and in 2010 even major websites like google and facebook were basically only bothering to secure their login page which is how Firesheep came to be. It was only really that illustration of the business need that caused anyone to start bothering, and despite that demonstration, adoption was below 50% as late as 2018
Also, lots of places and software are "stuck" at HTTP/1.1 when HTTP/2 and 3 are already out. Why are they stuck at something that came out in 1997?
Presumably it would be far easier to upgrade/replace your webserver, loadbalancers and clients than replacing all routers on your ISPs.
It's kind of a misunderstanding to say that IPv6 became official in 2017.
The IETF has multiple standardization levels, with Proposed Standard being the first and Internet Standard being the last (there used to be Draft Standard in between but it was eliminated). Proposed Standards are deemed ready for deployment and lots of important protocols (e.g., TLS, QUIC, etc.) are at Proposed Standard. IPv6 went to PS in 1998, and people have been trying to deploy it ever since, so it's really more like 25+ years since it was official.
If you're typing out IP addresses your doing it wrong. We've had DNS for checks watch 40 years.
IPv6 isn't THAT different from IPv4. It's a 128 bit number instead of a 32 bit number. When righting it out we use hex (because it's shorter).
We use multicast instead of broadcast so your Subnets can be bigger
The smallest subnet is /64 so vendors can do optimization hardware.
Routers announce the prefix they route (and a DNS server) and let endpoints autoconfigure(with built in IP conflict detection!). Instead of a stateful DHCP server(which is still an option).
And we let nodes have local and global addresses so issues with the router don't necessarily break local communication. (And they're easy to tell apart, if starts with an f it's a local adress, if it starts with 2 it's a global address)
That's pretty much all that's different. 80% of what's different is the address space.
Having done basic tech support, sometimes typing out addresses is necessary. You'd think mDNS would help computers find your modem when you're first setting up your internet connection, but the super "helpful" modern browsers all try to go to google.com/search?q=myrouter.localnet even if mDNS is providing various IP addresses to try first.
That's not IPv6's fault, but it is a pain. Especially considering that local networks differ from router to router, making it impossible to write a manual to access a router's settings for when the thing needs to be configured before it can connect to the internet.
Of course, in those cases there's nothing preventing manufacturers from providing some 192.168/16 IPv4 addresses for those specific use cases (and not route them to the internet). I've even seen one manufacturer listen on a bunch of 169.254/16 addresses for when DHCP fails somehow, and I think that'd solve the problem perfectly without even needing a DHCPv4 server.
169.254 is IPv4 link local range like IPv6 fe80
Windows will try to auto configure with a 169.254 link local if DHCP is unavailable. Not sure if anyone is actually using them for LAN. They come up sometimes in point to point or for other shenanigans (commonly on cloud or virtualized networks for special services)
Afaik for Firefox and Chrome you can add a trailing / to prevent it from doing a web search and attempt to do a DNS lookup instead
I've seen it done few times for niche devices and I've done it a few times when I needed a really quick network operational and didn't want to bother setting up any supporting infrastructure such as a DHCP server. Never for any production environment though.
I've toyed around with an IPv6 link local only environment but browsers don't support adding the zone identifier[1] for link local addresses. There's workarounds but in most cases for a fully isolated network it's about the same effort to setup a small DHCP server somewhere.
That said it's not a comprehensive solution, Android AFAIK still won't support DHCPv6. To get that to work AFAIK requires router advertisements and some more odd finagling if privacy extensions are enabled on the device.
[1]https://ungleich.ch/u/blog/ipv6-link-local-support-in-browse...
I sure hope nobody is using 169.254 for LAN (though I suppose you could, just like you could use 100.100) but I discovered it as a pretty smart fallback for routers. I suppose you could hardcode http://[fe80::1]/ on the IPv6 side as well, but I've never seen a router actually do that.
The trailing slash trick sometimes worked, but not always. It took a couple of tries to get working every time I needed it to work. I bet it's some kind of problem on the mDNS layer, but regardless, the quickest way to fix it was to use an IP address.
Another annoyance I have (which isn't the protocol's fault) is that on my phone I can't even hand-type IPv6 addresses because Mozilla is using some kind of regex to detect if things are URLs and that regex doesn't support IPv6. It did for a short while, but the IPv6 regex was too complex and slowed things down, so that was reverted.
Awful adoption rate? https://www.google.com/intl/en/ipv6/statistics.html
It's sitting just shy of 45%, based on what Google sees, and growing at a steady pace. The main issue is not technical, it's need. Right now, everything is accessible over IPv4, and probably over IPv6. There's no negative consequences from not having IPv4, it really needs initiatives like this one, and the US federal government one to drive things forwards (US federal agencies have to be single-stack IPv6 within a couple of years, which is forcing every government dealing vendor to get their act together on IPv6)
A couple months ago I got a new router and some stuff didn’t work until I turned off ipv6 (I don’t recall what, exactly)
I tried that solution early because when I first got Google Fiber the Amazon store website didn’t load, on any machine in our house, until I turned off ipv6. If stuff tries to route over ipv6, it doesn’t work, has been my entire experience with the protocol on the open internet (private networks seem Ok)
Next time try: https://test-ipv6.com/
If you get 10/10 here everything should work. Most likely your issue was a firewall rule on the IPv6 part, or a misconfigured DNS server (only returning A records)
My home connection fails because it’s disabled (of course).
Kicked my phone over to my T-Mobile cell connection. Finds that I have an ipv6 address, but dies on one of the first tests.
It’s 2024 and I have two major US ISPs available and neither will let me reliably use IPv6 unless I’m on a vpn and the addresses are all private ones that don’t (logically) route to the Internet.
In my country, rare are the ISPs which don't provide IPv6 (it has been the case for years, and that includes mobile internet).
I think the lagging services about ipv6 are steam, github, HN, and a few smtp servers here and there.
I think that Reddit and AWS are mostly non-ipv6 yet as well, that's a pretty big deal.
Oh, I don't use reddit, but AWS... mmmmh... and that makes me think about akamai.
It seems ipv6 is slowed down by big tech, the one with the bucks to move to ipv6, paradox, or they know IPv4 mechanically favor strongley centralized services? As it is toxic to clean and simple p2p protocols?
mmmmmh....
If you mostly dislike the long addresses, you can cut out the second half. You can make your device be 2661:919a:023e:9100::1.
If you want a near-exact equivalent of 192.168.0.1, then you can use fec0::1 or fd00::1. That's even shorter than IPv4! You kind of shouldn't, but it'll work fine for a tiny network.
But as other people have explained, the compatibility will be just as bad. And IPv6 does have address ranges like that. Nobody talks about them because not much can be done with them.
And the reason it's recommended against is that you might later decide to join your local network to another one and then you'll have to renumber them. Which is exactly the same problem with IPv4 local addresses. Except unlike IPv4, there is a mechanism to prevent that ahead of time
Which is absolutely important once you're a business with a bunch of subnets, the kind of network that would be on 10. in IPv4.
If you're on 192.168 and you just want the convenient addresses, go for it.
This comes up every time IPv6 is discussed.
Any change to IPv4 to extend the IP space (eg your example) would require a breaking change to the specification. So this would require changing every router on the planet to support it.
You're also focusing on how the IP address is written when that doesn't really matter. Changing the format isn't dragging out IP adoption.
Changing the IP protocol to support more stuff has been considered... that's how we got IPv6 in the first place.
Because that would be starting from scratch the migration with all the warts and less of the benefits.
About the only part that would be easier is that more people use less broken APIs compared to BSD Sockets, with getaddrinfo and similar solutions ported from XTI/Plan9 finally becoming the norm.
So no more "you need to duplicate code to add support for new IP version".
But that's still worse than migrating to v6, which has widespread hardware support in switching equipment, considerable preference in mobile networks and not only (TL;Dr it's cheaper to use v6 to carry v4 traffic using 464 stateless translation rather than other forms of CGNAT), and some IOT systems (industrial, not home stuff) are v6-only if they have IP connectivity on the embedded side at all.
40+% adoption rate since the World IPv6 Launch Day in 2012 is not what I would call awful [0].
To clarify, IPv6 and IPv4 addresses are effectively just a number. On Linux, you can even do `ping 16843009` and see the tool actually pinging the address 1.1.1.1! The octets you see in typical IPv4 addresses, or the hextets in IPv6 ones, are just a way to represent those addresses.
If you think the address representation is the main thing holding IPv6 back, you are thinking it wrong. The most likely reason is actually software & hardware support, and the industry's general sentiment of "if it ain't broken, don't fix it" keeping NATs alive.
The ship has already sailed. If IPv4 addresses are really that easy to remember, DNS would not have been invented.
Furthermore, when it comes to memorization of IPv6 addresses it's very helpful to split them into two halves. The second half can change rather arbitrarily (to maintain privacy by preventing address tracking), but the first half often won't because it is assigned to you by the ISP.
[0]: https://www.google.com/intl/en/ipv6/statistics.html