back to article Freed from the office, home workers roam sunlit uplands of IPv6... 2 metres apart

The long-awaited IPv6 train may finally be pulling into the station as Google reported a spike in usage. The Chocolate Factory has long published statistics on the adoption of IPv6 by users accessing its services and, from the ad giant's perspective at least, a heck of a lot seem to be staying at home. The percentage of users …

  1. erikscott

    Perhaps (probably?) mobile users

    I've noticed that when I use my phone as a hotspot and connect to it with my linux laptop, the connection to the outside world tries to go over IPv6 first. Given the chart's spikes on the weekends, that suggests to me it's mobile users. Add SARS-CoV-2 keeping people at home and I suspect mobile usage is much, much higher, which would account for the increase at the right edge.

    1. Len

      Re: Perhaps (probably?) mobile users

      It's not so much mobile as it is non-corporate traffic.

      Many domestic ISPs now hand out IPv6 addresses (even without most end users knowing) whereas statistically probably fewer corporate networks do. That means that home traffic is more likely to visit Google.com, YouTube.com, Gmail.com etc. over IPv6. We've been seeing this on evening and weekend traffic for at least a decade.

      1. Anonymous Coward
        Anonymous Coward

        Re: Perhaps (probably?) mobile users

        Exactly. Many ISP provided CPE also now come with IPv6 enabled, again without knowledge of the home users. Mobile providers have been doing IPv6 native connections for quite some time. My Mom has had an IPv6 enabled connection for over 5 years, she just has no idea.

        It is really the Corporate users that never bother to setup IPv6 (due to fear, ignorance, etc) in their corporate firewall that prevents greater adoption of IPv6.

        1. -tim
          Facepalm

          Re: Perhaps (probably?) mobile users

          Everything seems to come with IPv6 enabled by default these days (as it should) but security compliance is way behind. Not one of the 3 PCI-DSS scanners I have to deal with can cope with IPv6. If you scan doesn't include a report on IPv6, it is NOT complaint even if you thought you turned it off.

        2. tip pc Silver badge

          Re: Perhaps (probably?) mobile users

          "It is really the Corporate users that never bother to setup IPv6 (due to fear, ignorance, etc) in their corporate firewall that prevents greater adoption of IPv6."

          it's not as simple as just turning ipv6 on in a corporate environment.

          most places with an eye towards good practice and security will be carved up like pulled pork in their data centres, HO and key sites & entities they've borged or been borged into.

          Someone needs to understand the mess & rewrite for ipv6 and make sure it all still works. Those ACL's on WAN sites need rewriting for the new ipv6 zones, fw rules need rewriting, load balancer policies need rewriting. If the business is at least 10 years old then chances are that the original people who put the network in are long gone & the outsourcers have further mangled things to justify their charges.

          IPv6 in a fresh environment makes sense, so does SDN. changing your home to IPv6 when you've no customisation makes sense, changing old network where the original architects are long gone and no one fully understands all the quirks requires much bravery and deep pockets.

          1. Anonymous Coward
            Anonymous Coward

            Re: Perhaps (probably?) mobile users

            Not just carved up, but done so with a heaping side of static configurations. My employer has well over 20,000 servers (physicals and VMs) in five data centers, all of which have static IPv4 addresses. Those addresses are hard-coded in DNS, firewall rules, load-balancer pools, monitoring groups, and so on.

            We now have IPv6 configured on the vast majority of network devices, so the current plan is to run hybrid IPv4 & IPv6 from clients to our forward facing load-balancer devices, which will then deal with all of the translating. They don't care if a server pool is all IPv4, IPv6, or a mix, so we can slowly migrate the back-end during the next scheduled tech refresh. We can also kick the can down the road if problems arise. But since tech refreshes are about 4 years apart, that may be a while.

        3. Muppet Boss

          Re: Perhaps (probably?) mobile users

          >>It is really the Corporate users that never bother to setup IPv6 (due to fear, ignorance, etc) in their corporate firewall that prevents greater adoption of IPv6.

          You are surely unaware that the IPv6 standard did not include network-level resiliency for end users, unlike IPv4. It was never too difficult for corporations, until lately, to obtain a PI (Provider Independent) block of public IPv4 addresses and "advertise" it to multiple telcos (known as multihoming). It means, telcos could be added, dropped or changed easily without the need to change public IP addresses (re-addressing is painful).

          The original IPv6 standard did not explicitly allow Provider Independent IPv6 address blocks and early deployments were effectively locked to a single telco and its IPv6 address space. When corporate network engineers and IT managers realized that, IPv6 became extremely unpopular among corporate networking pros for many years due to a telco lock-in.

          It is now possible to obtain a Provider Independent IPv6 address block, and with IPv4 PI space exhausted, corporate networking is slowly moving to IPv6. This is a slow process because many self-hosted resources are being moved to the cloud in parallel and many companies are quite happy with their existing IPv4 PI space.

          As for the internal network, RFC1918 "grey" IP addresses are more than sufficient for the internal network addressing in most corporate networks. Separation between the internal network and the Internet is most often desired and mandatory.

      2. Anonymous Coward
        Anonymous Coward

        "Many domestic ISPs now hand out IPv6 addresses"

        Not everywhere, unluckily. In some countries they are still very affectionate to IPv4 addresses, especially when they can charge you more for a public/static one - something difficult to do with so many IPv6 addresses available...

    2. Arthur the cat Silver badge

      Re: Perhaps (probably?) mobile users

      Anybody know which mobile networks are/aren't IPv6 enabled (or is it geographical)? I'm with Smarty, a Hutchinson cheap and cheerful MVNO(*), running over Three's network and have never seen anything other than a 10/8 address.

      (*) It has the great advantage that if you don't use your data allowance you get a refund. My mobile use is very bursty(**).

      (**) Not that I'm going to be anywhere away from the home WiFi for the foreseeable future(***).

      (***) Well, I hope not. The local hospital WiFi is as crap as my chances of survival if I get infected.

  2. Steve the Cynic

    Colour me disappointed...

    No snark about El Reg's lack of AAAA record? Sigh.

    1. bombastic bob Silver badge
      Devil

      Re: Colour me disappointed...

      it must be their ISP. Though for some odd reason, in the past, I've had problems with IPv6 connectivity via their cloud content provider, something about not honoring MTUs during https/SSL key exchange (or something like that). Well, maybe that's fixed now, haven't seen that pop up its ugly head in a while (ALSO not El Reg's fault).

      It might actually explain the entire problem, depending on how you look at things.

      1. Joe Montana

        Re: Colour me disappointed...

        It's more stupid than that...

        They use cloudflare, and cloudflare fully support IPv6 by default, for some reason they've got it turned off or just not bothered to create the AAAA record.

        From here the latency to cloudflare over ipv4 is usually over 3x higher than over ipv6, because of the overloaded nat gateway imposed on me by the isp.

        1. Jamie Jones Silver badge

          Re: Colour me disappointed...

          It's disabled because of the forums and logging / posting IP etc.

          You can access the main site over www if you add the IP manually. See my post about it, and the official response here:

          https://forums.theregister.co.uk/forum/all/2019/11/25/ipv4_addresses_gone/#c_3923843

          1. Yes Me Silver badge

            Re: Colour me disappointed...

            "It's disabled because of the forums and logging / posting IP etc."

            4 months ago they said "(which is part of what we have yet to finish updating for full IPv6 support)." I realise that bringing a software fix into production takes time and won't happen during lockdown, but this is a fairly poor excuse when IPv6 has been production-ready for so many years.

  3. Joe Montana

    IPv6 by default

    Many ISPs now provide IPv6 by default, and many providers are now using NAT for IPv4 connections - especially for mobile users...

    As a consequence of this, connections going over IPv6 are generally faster and more reliable.

    The more traffic goes over IPv6 the better for the ISP and the customers, as NAT gateways are considerably more expensive to operate than routers.

    The lack of a NAT gateway can also reduce battery usage on mobile devices, as they can use longer sleep times for protocols like activesync without the gateway terminating the connection for being idle.

    A lot of the users still stuck with IPv4 have explicitly turned it off, or are using antiquated equipment.

    1. druck Silver badge

      Re: IPv6 by default

      Well Plus Net aren't joining the party, they had one small IPv6 trial over a decade ago, and haven't gone near it since. They also think that it's acceptable to still only offer plain text email access these days, and refuse to implement TLS.

      1. AndrueC Silver badge
        FAIL

        Re: IPv6 by default

        Yup. A couple of years ago they rebuilt their core network but the only impact it had on their IPv6 offering was to kill off the beta program because it wasn't compatible with the new network. That was when I finally left. I went back to an ISP that had been running dual-stack for over ten years.

      2. Mozzie

        Re: Plusnet Party

        Hmmm, I've got IPv6 with Plusnet (via John Lewis Superfast Fibre). The Zyxel router actually wouldn't let me disable it either which turned into a lot of messing around last year with pre-configured VPN apps to try and stop them leaking. Fortunately the apps have improved greatly since then.

        Plusnet have failed to provide me with just about everything it should have in the way of service, not even half of the advertised speed which is an ongoing issue, but I definitely have IPv6.

        1. druck Silver badge

          Re: Plusnet Party

          However Plus Net are providing the John Lewis broadband, it's not going through their core system, which is IPv4 only. But it does look like you get their crappy encryption not supported email servers though.

    2. Anonymous Coward
      Anonymous Coward

      Re: IPv6 by default

      > A lot of the users still stuck with IPv4 have explicitly turned it off, or are using antiquated equipment.

      ...or live in the UK!

    3. Tom Chiverton 1 Silver badge

      Re: IPv6 by default

      General home users should be behind NAT for the firewall benefit if nothing else.

      Do you want Windows firewall exposed DIRECTLY to the whole Internet? Really?

      1. _andrew

        Re: IPv6 by default

        You know that actual firewalls work as a firewall too, it's not just NAT. My shiny new IPv6-capable router from the NBN update had the obvious firewall installed (no incoming connections), just like the NAT default. I'd be very surprised if any ISP's specified or supplied router came with no firewall. That would be mad.

      2. derptastic

        Re: IPv6 by default

        Whilst often deployed together, don't confuse NAT function with a stateful Firewall.

        Most (all?) of the UK's residential broadband ISPs have deployed IPv6 with the stateful firewall enabled and blocking all new inbound flows.

  4. Tom 7

    That wont work.

    While there might be 6.67 * 10^23 addresses per m2 sods law says they will all be in the same m2.

  5. Jellied Eel Silver badge

    Extreme bandwidth restrictions

    So if social distancing means only 2 packets of the same session keeping 2m apart, that would be rather low frequency, and worse than the old days of 1200/75 modems. On the plus side, might allow for long distance communcations, with fewer repeaters needed.

    1. Number6

      Re: Extreme bandwidth restrictions

      It's a foot per nanosecond in free space, so you only need 6-7 nanoseconds between packets. That's still a decent throughput. Stuff is slower in cables, so you probably only need about 4ns spacing.

  6. tip pc Silver badge

    Don't blame corporates, its not strait forward migrating established systems to IPv6

    it's not as simple as just turning ipv6 on in a corporate environment.

    most places with an eye towards good practice and security will be carved up like pulled pork in their data centres, HO and key sites & entities they've borged or been borged into.

    Someone needs to understand the mess & rewrite for ipv6 and make sure it all still works. Those ACL's on WAN sites need rewriting for the new ipv6 zones, fw rules need rewriting, load balancer policies need rewriting. If the business is at least 10 years old then chances are that the original people who put the network in are long gone & the outsourcers have further mangled things to justify their charges.

    IPv6 in a fresh environment makes sense, so does SDN. changing your home to IPv6 when you've no customisation makes sense, changing old network where the original architects are long gone and no one fully understands all the quirks requires much bravery and deep pockets

    1. Long John Brass
      Big Brother

      Re: Don't blame corporates, its not strait forward migrating established systems to IPv6

      It's usually easy enough to build out an IPv6 DMZ and run some proxy servers to pip data in and out of the core IPv4 stuff. Esp for web traffic. You can even buy/rent this as a upstream service.

      Convincing manglement that they need to budget some time & money is a whole different kettle of fish.

  7. Andy E
    FAIL

    Virgin Media?

    Their Hub 3 has no knowledge of IPv6. I don't think they do either.

    1. MatthewSt Silver badge

      Re: Virgin Media?

      They have knowledge of it, but think it's a passing fad...!

  8. Tom Chiverton 1 Silver badge

    Running out? Don't make me laugh.

    Amazon and Zen will give you one for free.

  9. Anonymous Coward
    Anonymous Coward

    Colonel Angry here.....

    ......I like being behind a NAT router. I absolutely don't want a personally identifiable IPv6 address on any of my devices.

    *

    Please keep up the IPv4 standard......good work there!

    1. MatthewSt Silver badge

      Re: Colonel Angry here.....

      IPv6 handles that already by changing your address every few hours - https://www.ipsidixit.net/2012/08/09/ipv6-temporary-addresses-and-privacy-extensions/

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like