Asia reaches 50 percent IPv6 capability and leads the world in user numbers Asia has become the second region in the world to reach 50 percent IPv6 capability, according to data from labs run by the Asia Pacific Network Information Center (APNIC). “This marks a significant milestone, achieved 25 years after the regional journey with IPv6 first began,” wrote APNIC director general Jia Rong Low in a …
Exactly. But it benefits a centralized internet - where relativel few players controlling most of the IPv4 space can do whatever they like, while users behind layers of NAT - and with protcolo like CG-NAT or MAP-T/E you don't even get a full NATted IP address, just a slice of ports, (maybe on top of IPv6....) - have to implement workaround, where possibile, or surrender. So yes, those who benefit from the lack of IPv4 addresses have really no reason to move fast towards IPv6. It's no surprise it's happening instead where population is in the billions and even NAT techniques would have issues there.
I have always punched holes and had a static IP, it's never that much of a pain.
But I've now taken to a totally different method which has a ton of side-advantages.
I rent a cheap dedicated server in another country, with a static IPv4 and IPv6 transit (unlike every UK ISP).
My home kit VPNs into that server.
I then set up port-forwarding or reverse proxying on that machine to direct traffic to the relevant VPN endpoint.
Thus, I have no need of port-forwarding at home, my IPv4 services are accessible from IPv6, I don't technically need a static IP at home (with a dynamic IP every time the connection moves, the VPN will auto-reconnect and get the same VPN IP address at the remote end, so forwarding just continues), I can access everything remotely, and even in the case of complete compromise of the external server, no more information is accessible than what would be accessible via any other method anyway.
It also lets me download stuff as if I'm in another country, use it as a dumping ground, a test case, serves its own content, caches content, works as a "is it up" test, means people don't know where my home connection is, etc. etc. etc.
I love NAT and have no objection to it at all, in fact I've always championed it and the whole "IPv6 hates NAT" thing has always bugged me as it was the obvious solution to widespread IPv6 adoption to just encourage people to have a IPv6-NAT as their front-end to the world and then it doesn't matter what they use behind it) but the advantages of running a kind of "external NAT" like that are far better than trying to do it at home.
It costs me about £10 a month, and it provides far more value than that (for a start, my cheap car GPS tracker checks into Traccar which runs on it, saving me a subscription).
I do similar with a £1 a month VPS in London. I have a bare metal server and another 3 VPS servers, so don't need the £1 server for anything but the ip4 and ipv6 forwarding, which it is more than capable of dealing with
https://www.ionos.co.uk/servers/vps#packages
Annoyingly, you only get 5 or so ipv6 addresees, and no ipv6 reverse dns capability, though if you want that, vultr do a fiver a month vps in london
I have a /24 of IPv4 that is advertised from a couple of BGP capable VPSes, along with some IPv6, then VPNed back to my server which is hosted at the office. Office has free electricity and a Gbit network port, but no IP addresses.
Unfortunately the office network does not have IPv6. The only person asking for it is me, but I did get the IT manager to contact our ISP to ask for configuration details. Our account manager at the ISP replied asking how many servers we need IPv6 addresses for. IT manager eventually gave up trying to explain to our ISP that's not how IPv6 works, so still no IPv6. :(
Office network has NATed outbound IPv4 connectivity but that is it (well, I can forward a couple of ports for management purposes). The VPNs to my VPSes (for redundancy) allow me to have my VMs on a dual stack VLAN with enough global IPs that I can give dedicated IPs to every project which needs global connectivity.
It should also be noted that we have quite a few development projects hosted at the office. The lack of IP addresses means that we have to use cloudflare tunnels to provide customer access to these servers. Thankfully this works for the web based things we do for paying customers, but my personal projects far exceed the capabilities of cloudflare tunnels.
I'm firmly of the opinion that internal networks should be IPv4 internal with IPv6 external, with NAT, only when absolutely necessary.
If you use sub-netting then you'd have to be something the size of Google to actually *need* IPv6 internally.
This can be further extended looking at what internal kit actually needs an internet connection. Anything that doesn't then put it on a different range.
In theory, the only thing that needs to handle IPv6 is the firewall.
I'm retired now so I do accept I may be missing something here.
Well, there is more to IPv6 than just more IP addresses, and surely if you're going to be running IPv6 externally, it would be much nicer, and take less resources to not have to manage 2 different stacks?
If the whole outside world had proper IPv6 connectivity, and all the inside hosts/apps/routers etc. also had IPv6, I wouldn't bother running IPv4 at all - there'd be no point.
IPv4 & IPv6 are incompatible so for an internal IPv4 client to reach something IPv6 across the internet a proxy is needed, not just a router.
you can't route from IPv4 to IPv6.
other than that i'd agree.
RFC 1918 defines the IP address ranges reserved for private networks, preventing address conflicts with the public Internet.
Internet routers from ISP's do not route RFC1918 addresses, so your 1st part is correct when companies use rfc 1918 internally.
IBM famously used to / uses their public addressing internally. Been a while since i was there so no idea if its still a thing.
IPv6 provides globally routed addresses for internal use. having none routable addresses internally adds a layer of security that does not exist with IPv6 and their hatred of NAT.
if IPv6 just endorsed & promoted NAT then i'm sure it would have had greater adoption.
I'm here in Malaysia, rocking on IPv6, as confirmed by a number of ping tests and ipify.org.
I'm also on fast fibre, which appears to be everywhere here: in fact, my in-laws home in northern Malaysia had full fibre many years ago. Back in SW England though, in a city of 130,000, no such luck. It looks like I'll still be on copper until well into 2026....
The bare minimum is a /64, and that would be fine for a lot of people. I see no problem in ISPs handing out a /60 instead of a /56 unless requested otherwise. So you can only create 16 subnets containing as many addresses as you could ever use with their default, unless you choose to allocate addresses using a different method in which case you can divide up that space in any way you want? I think most users will survive that. Unless they forbid large enterprises from having more than a /60, I don't think there is any problem with the policy.
Whoever came up with that table is innumerate: probably an intern in APNIC's communications department who has no clue about how to present numeric data. I wouldn't give any credence to those numbers or draw meaningful conclusions on what they mean or represent. They'd be lucky to get an F grade in a primary school statistics exam.
810,519,875 is improbably precise. The percentages were given to four significant digits. Which is also improbably precise. Since the percentages only had four significant digits, that should also have applied to the number of users.
Besides, as everyone knows the actual number of IPv6 users in China is 810,519,876, not 810,519,875.
At penetration levels like this in the most populous part of the planet we may soon seen more IPv6-only equipment. This could be further drive adoption through lower unit costs, with dual-stack components required only at the edges.
But most users will continue to be largely oblivious with the networks handling the crossover: IPv6 here but most of the traffic goes through the provider's 6-to-4 gateway.
recently turned 2.5 ghz off. only device using 2.5 was my moms phone and i had to keep changing the channel because the interference would get so bad the phone was unusable for anything. living in an area with 50 to 100 feet between my house and any neighbors but at least 30 2.5 ghz ssid's can be seen from my house. only 5 or 6 5 ghz neighbors can be seen.
Fortunately, very few things I've ever seen have 5 GHz only, so in your case, you can always continue to use 2.4 GHz. I also want the option because I've lived in places where there was far too much noise on 2.4 GHz. Not much of a problem as I simply disabled it for my network, forcing everything onto the much more functional 5 GHz space, but for the occasional cheap device that didn't support that, it was a pain.
Well, we have to use both here: congestion at 2.4 GHz isn't too bad, but close to an airport which either means that we can and do get bumped off channels – and not all devices cope well – or are limited to a couple of channels. Over time I'd expect to see smaller devices sticking largely to 2.4 GHz and personal communications using higher ones.
But legacy tech will be with us for a while yet, not least because it can't be removed until the last bit of kit relying on it has been changed. This is usually embedded devices or those machines that you can't work without but which aren't made any more – and there are lots of these in industry and, er, hospitals. But consumer kit will probably lead the way as it did with other digital and mechanical interfaces.
"There’s plenty of room to grow, because the IPv6 number space covers 340 undecillion addresses – 2128 compared to IPv4’s 232. "
Not nit-picking, since I'm not actually sure what the correct answer is, but the above quote is something of a mis-representation.
In IPv4, the addresses are so densely allocated that (ignoring the multicast and experimental blocks) we probably are using more or less every one.
In IPv6, each individual client of an ISP gets a /48 or a /56 prefix and most people probably have only one LAN hanging off that (so they're only using a /64, despite being given 250 or 65000 of them). It's great for routing, but we're never going to fill the space densely like we've done with IPv4. In addition, by no means all of the possible prefixes are assigned for unicast addressing.
I've no idea even how to estimate the number of devices we'd need to have to "pack out" the IPv6 address space, but I suspect its logarithm in base 2 is nearer 56 than 128.
Our IT manager at work contacted our ISP to get IPv6 configured. Account manager replied asking how many IPv6 addresses we needed for our servers...
The IT manager did not go with my suggestion of replying that we need 79,228,162,514,264,337,593,543,950,336 IPv6 addresses. After a few back and forths he apparently gave up, so the office is still v4-only.
IPv6 is allocated to sites. The default allocation should be a /48. This allows the customer to have as many subnets as they need (up to 65536), each of which can contain "as many hosts as they want". You literally don't count individual addresses/hosts, they are just a thing occupying the network that you are addressing.
Everything has moved up a notch. We used to have 1.2.3.4:80 as an endpoint, with 1.2.3 being the network 4 being the host then 80 being the application. Now we have 2001:db8:xxxx:yyyy:zzzz:zzzz:zzzz:zzzz :80. 2001:db8:xxxx taking the place of what used to be an IPv4 NAT with an extra yyyy for internal subnetting then the zzzz part being to identify a host on the subnet with of course the port 80 still being the application identifier. We didn't make the addresses stupidly longer, we made them a little bit longer (/32 became /48) and then added additional routing components to the end.
Talking about individual IPv6 addresses when counting utilisation is a bit like measuring the usage of IPv4 based on what percentage of the available TCP ports on each endpoint are reachable.
Everything has moved up a notch. We used to have 1.2.3.4:80 as an endpoint, with 1.2.3 being the network 4 being the host then 80 being the application. Now we have 2001:db8:xxxx:yyyy:zzzz:zzzz:zzzz:zzzz :80. 2001:db8:xxxx taking the place of what used to be an IPv4 NAT with an extra yyyy for internal subnetting then the zzzz part being to identify a host on the subnet with of course the port 80 still being the application identifier.
This is the reason IPv6 hasn't really caught on with most casual end-users as the dreamers would like. Who needs this hassle as long IPv4 NAT/PAT continues to work?
> Which is just as it should be.
I think you fail to understand the relationship, or lack of, between IPv4 and IPv6.
IPv4 only hosts have no way to reach services hosted on IPv6 addresses. This means nobody who wants to run a public service can stop supporting IPv4 until all of their potential users support IPv6.
IPv6 end users can connect to services hosted on IPv4-only servers just fine. End users on properly configured IPv6-only networks literally don't care if the destination is IPv4, IPv6, or dual stack.
If you run a typical website then you will get literally no benefit from supporting IPv6 in addition to IPv4. The only reason it is relevant for the register to support IPv6 is for symbolic reasons, as a supposedly technical site.
It is not the hundreds of switches on a major Telco network that need more IP addresses. It is your laptop, mobile phone, watch, car, dishwasher... NAT was invented as a solution to the fact that it very quickly became apparent that they didn't have enough IP addresses to handle the concept of every house being online with multiple computers in each house. They hadn't imagined the smart watch.
It is a requirement to get an app in to mobile app stores that it function on an IPv6-only network. This is not some ideology based rule, but a reality of the modern world where huge numbers of people use IPv6-only networks daily.
Verizon for example can number all of their own infrastructure out of private address just fine, and in fact their infrastructure mostly requires no external connectivity so no global IPs or NATs. But, how exactly do they provide IPv4 connectivity to (according to Wikipedia, assuming a 1:1 ratio of customers to connections) 146 million customers? The expensive NATs needed to handle thousands of users on large enterprise networks are trivial compared to when you start needing to handle those sorts of numbers.
In IPv4, the addresses are so densely allocated that (ignoring the multicast and experimental blocks) we probably are using more or less every one.
Not disagreeing with your argument or conclusion, but as I recall IPV4 is around 50% utilized. The other individual values are allocated-but-unconnected.
few years ago the its department published a list of around 2200 static ip addresses. When i looked at them i realized they were mostly addresses for networked printers that had all been moved to the 10.x.x.x private network. Also had a list of the old addresses and the new private addresses which i could match to the list of static addresses they wanted to retire. don't know if they've all been retired of being used in some other way. there are probably other organizations that have lots of private ip4 addresses that they don't use. Any laptop using wifi is on the private 10 net, Only computers using ethernet, and there aren't many of those left, get public ip addresses and they're firewalled to the point that they might as well be on the private network.
It's really hard to answer because a lot of surveys do things like looking at an address and see if it responds, which means that a firewall that restricts what it will respond to may show it as unused when there is a system using it but you can't see it. We do have plenty of empty space in IPV4, for example all the addresses the US military has and doesn't use which could be taken off them and used to cover about 15% of India's population, but I don't know how to take stuff off the US military without them getting annoyed and they have a lot more ways of making their annoyance my problem than I have of doing the reverse.
If they are routed in an internal network or even a separate internet that only some places connect to, then the addresses don't have to be globally unique for the regular internet that they're explicitly not a part of. Of course, they may use their massive ranges for that purpose, but it doesn't change either part of my statement: they don't need ownership of them to do it, and releasing them wouldn't fix our annoying ability to use more IPV4 addresses than we have available.
By the way, if you have a citation for them being in use, I'd appreciate reading it. I wouldn't find it surprising if they didn't, in fact, have a need for 13 /8s and several smaller blocks, but they were given them, and giving them back is work that they don't see a reason to do.
I can see networks you can't... If you use the same addresses as those networks then I will have problems reaching at least one of you.
People who have had to deal with interconnecting multiple networks that use RFC1918 space will understand why a government network that interconnects with loads of partner networks needs to use globally unique space.
I would also recommend against NATing the crap out of every device on a network where you start off knowing the identity of everyone at every physical location, and need to know which specific person was trying to brute force a password so you can arrest them. And of course there is no requirement that anyone use this NAT technology that was invented long after those allocations were made anyway.
A while back there was some order to deploy something to do with some kind of IPv6 thingy or something, which I am sure they have been implementing at government speed.
If they are routed in an internal network or even a separate internet that only some places connect to, then the addresses don't have to be globally unique for the regular internet that they're explicitly not a part of. Of course, they may use their massive ranges for that purpose, but it doesn't change either part of my statement: they don't need ownership of them to do it, and releasing them wouldn't fix our annoying ability to use more IPV4 addresses than we have available.
so if they use their ranges internally and sell the ranges to service provider who then provides a service to the military using those ranges, how is the military expected to reach their new service if its routed internally but the service exists out in the internet?
this happened at DEFRA a few years back, DEFRA used public addressing internally, then the bean counters got wind that the addresses had value and sold them to vodafone who resold / leased them.
new service gets sold back to DEFRA and DEFRA can't reach the new service as the address space is internal but the service is in the internet.
in a different job, we had some critical systems on public IP that was used internally but blackholed on the internet.
just another security layer,
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2025
