this post was submitted on 24 Sep 2024
105 points (94.9% liked)

Asklemmy

43891 readers
984 users here now

A loosely moderated place to ask open-ended questions

Search asklemmy 🔍

If your post meets the following criteria, it's welcome here!

  1. Open-ended question
  2. Not offensive: at this point, we do not have the bandwidth to moderate overtly political discussions. Assume best intent and be excellent to each other.
  3. Not regarding using or support for Lemmy: context, see the list of support communities and tools for finding communities below
  4. Not ad nauseam inducing: please make sure it is a question that would be new to most members
  5. An actual topic of discussion

Looking for support?

Looking for a community?

~Icon~ ~by~ ~@Double_[email protected]~

founded 5 years ago
MODERATORS
 

Now currently I'm not in the workforce, but in the past from my work experience, apprenticeship and temp roles, I've always seen ipv4 and not ipv6!

Hell, my ISP seems to exclusively use ipv4 (unless behind nats they're using ipv6)

Do you think a lot of people stick with the earlier iteration because they have been so familiar with it for a long time?

When you look at a ipv6, it looks menacing with a long string of letters and numbers compared to the more simpler often.

I am aware the IP bucket has gone dry and they gotta bring in a new IP cow with a even bigger bucket, but what do you think? Do you yourself or your firm use ipv4 or 6?

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 1 month ago (2 children)

With NAT existing, I'm not sure there's a significant reason to switch anymore.

Plus the "surprise" privacy and security benefits of just... not having every network connected device directly addressable by anyone else on the global network. The face of the internet and networking in general, plus the security and safety concerns around it, have changed dramatically since v6 was first created.

[–] [email protected] 14 points 1 month ago (1 children)

NAT is just security by obscurity and actually not really security at all. What's protecting you from incoming scans, etc is your network firewall. That firewall works just the same for IPv6. Blocking incoming traffic for your home network is usually the default setting in your ISP issued router anyway.

Working as a network engineer, NAT in a large scale customer environment can quickly devolve into a clusterfuck. Many times we had week long reachability issues due to intermediate ISPs NATing unexpectedly.

My nemesis is GCNAT, which adds another layer of NAT because some ISPs don't have enough public IP space for all their customers to go around.

I have a customer where their ISP just assigned one of their locations public IPv4 addresses. Neither the customer, nor the ISP owned that address space. Their logic was that this address space is registered on a different continent, so it's basically fair game to use it themselves. Granted, they only route it internally for a MPLS network, but still...

What I'm getting at is that NAT increases complexity and breaks properly routed end to end connections. Everyone kinda fucks up with NAT, especially ISPs (in my opinion anyway).

I can really recommend the IPv6 study material from the major internet registries (took the v6 courses from RIPE NCC myself).

IPv6 is so much simpler for subnetting, writing firewall rules,... IMO the addresses just look kinda clunky.

[–] [email protected] 4 points 1 month ago

NAT is just security by obscurity and actually not really security at all.

“Security” was not the purpose of NAT. That was just a side effect that became overly relied on out of convenience.