Condor
6y

In my previous rant about IPv6 (https://devrant.com/rants/2184688 if you're interested) I got a lot of very valuable insights in the comments and I figured that I might as well summarize what I've learned from them.

So, there's 128 bits of IP space to go around in IPv6, where 64 bits are assigned to the internet, and 64 bits to the private network of end users. Private as in, behind a router of some kind, equivalent to the bogon address spaces in IPv4. Which is nice, it ensures that everyone has the same address space to play with.. but it should've been (in my opinion) differently assigned. The internet is orders of magnitude larger than private networks. Most SOHO networks only have a handful of devices in them that need addressing. The internet on the other hand has, well, billions of devices in it. As mentioned before I doubt that this total number will be more than a multiple of the total world population. Not many people or companies use more than a few public IP addresses (again, what's inside the SOHO networks is separate from that). Consider this the equivalent of the amount of public IPs you currently control. In my case that would be 4, one for my home network and 3 for the internet-facing servers I own.

There's various ways in which overall network complexity is reduced in IPv6. This includes IPSec which is now part of the protocol suite and thus no longer an extension. Standardizing this is a good thing, and honestly I'm surprised that this wasn't the case before.

Many people seem to oppose the way IPv6 is presented, hexadecimal is not something many people use every day. Personally I've grown quite fond of the decimal representation of IPv4. Then again, there is a binary conversion involved in classless IPv4. Hexadecimal makes this conversion easier.

There seems to be opposition to memorizing IPv6 addresses, for which DNS can be used. I agree, I use this for my IPv4 network already. Makes life easier when you can just address devices by a domain name. For any developers out there with no experience with administration that think that this is bullshit - imagine having to remember the IP address of Facebook, Google, Stack Overflow and every other website you visit. Add to the list however many devices you want to be present in the imaginary network. For me right now that's between 20 and 30 hosts, and gradually increasing. Scalability can be a bitch.

Any other things.. Oh yeah. The average amount of devices in a SOHO network is not quite 1 anymore - there are currently about half a dozen devices in a home network that need to be addressed. This number increases as more devices become smart devices. That said of course, it's nowhere close to needing 64 bits and will likely never need it. Again, for any devs that think that this is bullshit - prove me wrong. I happen to know in one particular instance that they have centralized all their resources into a single PC. This seems to be common with developers and I think it's normal. But it also reduces the chances to see what networks with many devices in it are like. Again, scalability can be a bitch.

Thanks a lot everyone for your comments on the matter, I've learned a lot and really appreciate it. Do check out the previous rant and particularly the comments on it if you're interested. See ya!

Comments
  • 4
    Don't underestimate the numbers. More and more devices get connected, today a double-digit number of devices in non-corporate environments is already common, and this number will grow fast with all the IoT devices on hold.

    Nobody will ever reach 64 bit, that's for sure, but if you start structuring your IPs, grouping devices and using offsets and ranges, you quickly lose a bit here and there and then the usable IP-range is massively reduced. But still, with IPv6 the range is big enough to really structure it, and not make odd ranges like it is necessary for IPv4 just because 32 bit is not that much. Think about structures like 10.100.200.0/21 or even worse, where most people have a hard time figuring out which actual IP addresses that covers.
  • 2
    Thanks and big props for writing that summary, these kinds of things are exactly the reason why I love the community here 🙂
  • 2
    It's 5 at least :) doesn't your mobile device have internet connection?
  • 2
    Whatever size of the address space it is I still think IP sucks in terms of privacy.
  • 1
    @netikras 'course, there's 3 of those here, 1 tablet and 2 phones. Probably in a family network (but then you've got multiple people too so that's kind of different) you'd have even more, easily 15-20 devices. But then you've got to divide by the amount of family members as well of course.
  • 1
    Where do you draw the line between a business application (where it can be absolutely annoying to NAT every device to have virtually the same network for every internal use) and a "home"?
    Why would you define an exemption for just "homes"?
    What if the "home" is a company with servers, clients and a guest network? Should that all be set up differently? And why should I get a "different" kind of internet at home?

    Still, link local IP addresses can now be easily assigned (compared to the awful 169.254.0/24 zeroconf addresses) by just using the MAC addresses, reducing work to manage IP addresses, because every device can 'just' get one! Of course one could have used 48-bits, but then the privacy extensions couldn't be implemented without possible collisions.
  • 1
    @vane Aha.
    The first half is dynamically assigned by the ISP, the second half is random by the privacy extensions. What's so bad with that?
  • 1
    Fun fact about "the decimal representation of IPv4":

    0301.0xff.23111 is a valid IPv4 address.
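
An added example, not part of the comment above: under the classic `inet_aton()` rules each component may be decimal, octal (leading `0`) or hex (`0x`), and the last component fills all remaining bytes, so an allow or deny list has to compare the normalized address rather than the string. It generalizes the single address to every 1- to 4-part spelling and reuses the 10.100.200.0/21 block from the earlier comment; the function names and the `INTERNAL` policy are illustrative assumptions.

```python
import ipaddress

def _part(tok: str) -> int:
    """One component, classic inet_aton() style: 0x.. hex, leading 0 octal, else decimal."""
    low = tok.lower()
    if low.startswith("0x"):
        digits, base = low[2:], 16
    elif len(low) > 1 and low.startswith("0"):
        digits, base = low[1:], 8
    else:
        digits, base = low, 10
    if not digits or any(c not in "0123456789abcdef"[:base] for c in digits):
        raise ValueError(f"bad component {tok!r}")
    return int(digits, base)

def normalize_ipv4(text: str) -> ipaddress.IPv4Address:
    """Canonical address for any 1- to 4-part inet_aton()-style spelling."""
    vals = [_part(p) for p in text.strip().split(".")]
    if len(vals) > 4 or any(v > 0xFF for v in vals[:-1]):
        raise ValueError(f"not an IPv4 address: {text!r}")
    tail_bits = 8 * (5 - len(vals))        # the last part fills all remaining bytes
    if vals[-1] >> tail_bits:
        raise ValueError(f"last component too large: {text!r}")
    n = 0
    for v in vals[:-1]:
        n = (n << 8) | v
    return ipaddress.IPv4Address((n << tail_bits) | vals[-1])

def in_any(text: str, cidrs) -> bool:
    """True if the address, in whatever spelling, falls inside one of the CIDR blocks."""
    addr = normalize_ipv4(text)
    return any(addr in ipaddress.ip_network(c) for c in cidrs)

# Constructed sample policy: the /21 from the thread plus loopback.
INTERNAL = ["10.100.200.0/21", "127.0.0.0/8"]

if __name__ == "__main__":
    net = ipaddress.ip_network(INTERNAL[0])
    print(net[0], "-", net[-1], f"({net.num_addresses} addresses)")
    for s in ["0301.0xff.23111", "10.100.207.255", "10.100.208.0",
              "0177.1", "012.0144.0310.1"]:
        print(f"{s:>18} -> {normalize_ipv4(s)}  internal={in_any(s, INTERNAL)}")
```
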
  • 1
    @sbiewald ISP is basically always MITM and it can ex. record all of your dns queries or even record all your traffic for government or advertising purposes so we should use more P2P and encrypted traffic.

    Communication should be decentralized on wifi level not in cloud where your data is mostly stored and audio files recorded.

    IP privacy sucks cause it can identify you, it might even geolocate me to your house. I can identify where you go and what you buy with mobile pay.

    IPv6 will be even more huge privacy problem as it might fingerprint all of your devices without special algorithms.

    Maybe this kind of socialism where algorithm tells you when to buy something and what you want to search is good for you but I want to have a choice and think first without computer flashing and telling me what to do to live my best life. I don’t want to see always same products from same corporations.

    I don’t want my fridge to know what’s inside and my mirror look at me in bathroom.
    But that’s the world we’re going right now in mass media hype.
  • 1
    IPv6 puts your privacy at serious risk.

    I'm not an expert, as I never had to deal with IPv6, but from what I've read the ISP allocates a static /64 network for each user.
    The fact that it is static is a huge issue, because it means that a part of the device's IP address never changes.
    Also, the ISP can know how many devices you are using and potentially identify them, because they send a DHCP request exposing their MAC address.
  • 3
    Until not too long ago, for example, Vietnam had just 2 IPv4 addresses. The whole country was behind two NATs, which of course caused problems... If such things happen again in the future (and they will, because of humans), it's nice to have 64 bits of internal address space...
  • 3
    @vane If you get a random address which is changed every few days, where is the problem? Even with IPv4 the ISP could give you an unchangeable 'hostname' for reverse lookup. Mine didn't change in a year (this was luckily a bug, not a tracking attempt).

    The ISP could sell my data in any case, with or without IPv6!
  • 2
    @sbiewald That was my point that any range doesn’t guarantee privacy because IP is broken by definition.
  • 1
    @sbiewald The problem is that the IP address is not totally random, a part of it is always the same if the /64 network doesn't change.
  • 1
    @BlueDav000 Sure, but that isn't the protocol's fault, rather the ISP's - I get a random prefix each day.
  • 1
    @sbiewald Indeed, as long as the ISP provides a random prefix everything's fine.

    What about DHCP though? Are the addresses assigned by the ISP or by your router?
  • 2
    @vane You can decentralize your communication any time. Just find networks you can connect directly. But then you have to take care about your uplinks, routing, etc. That would be the "classic" way of internet.

    But it's really uncomfortable, so the ISPs came into existence, as most people do not or can not handle all that by themselves.
  • 0
    @ddephor Maybe it was good or maybe I just like small things not big centralized monoliths and just maybe because I grew up in one communism I don’t want to be part of another.
  • 1
    @BlueDav000
    IPv4: The router uses DHCP to get its own one, later uses DHCP to give clients their addresses.
    IPv6: Getting the prefix to router: No idea, but the ISP assigns it. Router uses router advertisements to announce the prefix in the network, clients pick the second half by themselves.
    If the ISP assigns static prefixes, it's the ISP's fault.

    Nothing protects against an evil ISP. In doubt, get your own IPv6 prefixes and change them regularly. You can get them for free or very low priced, theoretically I would currently have a /48 to choose from.
  • 1
    @vane I don't see any connection to communism. In fact it's the complete opposite, a monopoly, or at least an oligarchy.

    And still, you can build up your own network infrastructure and get your peers and uplinks directly. But that would be quite hard.

    And there is no chance to connect anything big via wireless networks, connecting to your neighbours won't let you connect to anything useful. Even if you manage to get your whole town connected, you will reach your bakery and your butcher, but not Wikipedia or Amazon.

    Network connection is a big business today, and I'm pretty sure, you don't want to install your own cable to the next main network center or even your own undersea cable to any other continent.
  • 0
    @ddephor All depends on how much traffic your network generates and your network can handle.
  • 1
    @vane No, you miss the most important part. If you can't route your data to the right destination, it doesn't matter how much bandwidth you have.
  • 0
    @ddephor You can’t I can do anything I want.
  • 2
    @vane are you running your own AS? Otherwise, no you don't.