People still working in IT, thoughts on IPv6?
Now currently I'm not in the workforce, but in the past from my work experience, apprenticeship and temp roles, I've always seen ipv4 and not ipv6!
Hell, my ISP seems to exclusively use ipv4 (unless behind nats they're using ipv6)
Do you think a lot of people stick with the earlier iteration because they have been so familiar with it for a long time?
When you look at a ipv6, it looks menacing with a long string of letters and numbers compared to the more simpler often.
I am aware the IP bucket has gone dry and they gotta bring in a new IP cow with a even bigger bucket, but what do you think? Do you yourself or your firm use ipv4 or 6?
You are viewing a single comment
With NAT existing, I'm not sure there's a significant reason to switch anymore.
Plus the "surprise" privacy and security benefits of just... not having every network connected device directly addressable by anyone else on the global network. The face of the internet and networking in general, plus the security and safety concerns around it, have changed dramatically since v6 was first created.
NAT is just security by obscurity and actually not really security at all. What's protecting you from incoming scans, etc is your network firewall. That firewall works just the same for IPv6. Blocking incoming traffic for your home network is usually the default setting in your ISP issued router anyway.
Working as a network engineer, NAT in a large scale customer environment can quickly devolve into a clusterfuck. Many times we had week long reachability issues due to intermediate ISPs NATing unexpectedly.
My nemesis is GCNAT, which adds another layer of NAT because some ISPs don't have enough public IP space for all their customers to go around.
I have a customer where their ISP just assigned one of their locations public IPv4 addresses. Neither the customer, nor the ISP owned that address space. Their logic was that this address space is registered on a different continent, so it's basically fair game to use it themselves. Granted, they only route it internally for a MPLS network, but still...
What I'm getting at is that NAT increases complexity and breaks properly routed end to end connections. Everyone kinda fucks up with NAT, especially ISPs (in my opinion anyway).
I can really recommend the IPv6 study material from the major internet registries (took the v6 courses from RIPE NCC myself).
IPv6 is so much simpler for subnetting, writing firewall rules,... IMO the addresses just look kinda clunky.
“Security” was not the purpose of NAT. That was just a side effect that became overly relied on out of convenience.