Happy 30th birthday to RFC 1631 ("NAT"), the "short term solution" we all rely on
datatracker.ietf.org
From the conclusion:
NAT may be a good short term solution to the address depletion and scaling problems. This is because it requires very few changes and can be installed incrementally. NAT has several negative characteristics that make it inappropriate as a long term solution, and may make it inappropriate even as a short term solution. Only implementation and experimentation will determine its appropriateness.
there is no fix more permanent than a temporary one.
edit: as I literally sit here inspecting the nat tables on a couple of edge routers.
That temporary fix will eventually become unnecessary. IPv6 has slowly been getting more and more use.
This thread starts with a document literally proving people have been saying that exact thing for 30 years now.
It's been getting "more and more use" since 2001. To start with, the ISPs said that they were not going to do any work to implement it until endpoints supported it. Then Vista came with support by default. Next they wanted the backbones to support it. All tier 1 networks are now dual stack. Then they said they were not going to do anything until websites supported it widely. Now all CDNs support it. Then they said, it's ok, we will just do mass NAT on everyone so won't do any work on it.
Exactly. I have been begging multiple ISPs for direct IPv6 allocations for 10+ years now. It's always "we are internally testing - not available for distribution yet". The most recent request from me was less than 3 months ago when I needed an IPv4 /29 for a remote site. Figured I would see if I could also get a nice sized IPv6 allocation as well. Nope. Just gotta keep paying a premium for that dwindling IPv4 address space.
Hurricane Electric is to be commended for their public IPv6 tunnels, but without direct allocations from your immediate upstream, it's just play.
I chose an ISP that dual homed customers on IPv4 and IPv6, but then the giant ISP that wants a monopoly bought them and now I get IPv4
A lot of ISPs do have some kind of IPv6. Many don't give you a prefix with the length they should. Many don't give you a static prefix. They're doing everything they can to continue to fuck this up.
Mostly to their own detriment. Maintaining equipment to do carrier grade NAT makes their network slower, less reliable, and more expensive.
At least I have a nice static and proper ipv6 prefix.
However when I asked for a reverse dns entry they could only give me one for ipv4... So now my Mail server only uses ipv4. :-(
Very, very slowly.
Last week I was peer pressured into trying out Helldivers 2 (yes, this is relevant, trust me), so I downloaded it, installed it, and fired it up with no issues. Set up my preferred control schema with no issues. Played the torturial with no issues.
Then came time for joining my friends in multiplayer. Issues! No matter what I did, I couldn't seem to join them. Nor could they join me.
I verified the installed files, I tried to connect via my phone to rule out ISP issues, and I tried all of the different versions of proton, but the result remained the same. I simply couldn't join my friends.
I don't remember what caused me to go down the right path of troubleshooting, but I've always disabled IPv6 on my Linux installs. So I re-enabled it. The problem remained. Then I realized that I had it disabled in the kernel via grub command line flags, so I changed that and gave my PC a reboot. Success!
So, despite networking being a large (maybe even the largest) part of my vocation for the past two decades, last week was the first time ever I actually NEEDED IPv6.
torturial - I like that. Sometimes a tutorial is indeed a torturial. 😊
So has Linux on the “desktop” but it’s never been the year of the Linux desktop.
My previous office was in a set of partitions put up in a library 20 years ago as a temporary measure.
I wrote so many essays and exam answers in the late 90s on how IPv6 would come in and fix everything and I’m really feeling this.
It did, wherever it's used. If you can ditch backwards compatibility in your network and just use ipv6, everything gets so much simpler.
192.168.1.1/24. Got it.
- Everyone
I've only recently branched out from router defaults...only reason was that I wanted to VLAN off my home network, and mostly just so [Home Assistant-controlled] smart devices can't talk to the Internet at all.
10.0.0.0/8
172.16.0.0/12
192.168.0.0/16
🎶 a whole new wooorrrld... 🎶
Whenever I'm given the chance at work, I let my feelings be known about using "consumer grade addressing schema" in production clusters. Sure, I use it at home, but anything beginning with "192.168" looks like my mom's wifi, and has no right being part of a production network.
This comment was sponsored by the 172.16.0.0/12 gang
I use 10.x.x.x addresses at home, though split into /24 networks in each vlan.
That seems overkill
Well again, I'm only using /24 chunks of it.
The main reason I went with it is that it's far faster for me to type "10.0.x.x" than to type "192.168.x.x", especially on the keypad.
Ah, how to forget the first obstacle in my hobby self hosting projects, the damn CGNAT....
"Just open the wireguard port bruh"
No my friend, I don't think that is gonna cut it.
(Thankfully Zerotier and Tailscale work for me).
I have the same issue (TRIPLE NAT'd! One of which is the CGNAT). Unfortunately I have external family that accesses from media boxes/TVs so those won't work for me.
Thankfully I was able to get a small VPS server for $2/mo and set up some reverse tunnels with auto-ssh. Seems to be working fairly well so far.
All that said, I longingly look forward to the future when I don't have to worry about NAT.
What's really crappy is that my ISP, which used to give me a public ipv4 and also supported ipv6, was bought out, and now I'm on cgnat and ipv6 support has disappeared.
Fuck metronet, it's not even cheap anymore
A few people need to get off their horses and come up with and agree to IPv4². It's exactly the same as IPv4 except there's 2 more octets of address space - 48 bits for addresses*. Job done. You'd see widespread adoption in under 2 years and then we can forget about it all and move on with our lives safe from the clutches of IPv6.
I don't give a crap that doesn't neatly fit into 32 or 64 bit architectures. It's more than doable at plenty fast speed and it keeps everything manageable.
And what would be the advantage? It wouldn't be routable through legacy systems, and you'd run out of addresses in a couple of years again.
What's bad about IPv6?
Nothing. It fixes the myriad of horrible hacks that are required for ipv4 to somehow still hang on.
Of course companies are sad because transition costs money, even though as usual the open source community did most of the work for them.
I have no idea but they look complicated!
It tried to fix everything wrong with IPv4, like shitty multicasting. This made it extra complicated.
If it had just been 128-bit addresses, it probably would have been widely deployed in the 90s. Don't need to bother at this point, though, just get it done.
https://youtu.be/oSIPiB2JEkA
One hour video. Jesus. tl;dw (generated by AI - disclaimer):
"The speaker in the YouTube video discusses why IPv6 adoption is slow due to technical complexities, high costs, and lack of immediate benefits for businesses. He talks about the challenges of maintaining both IPv4 and IPv6, why businesses are hesitant to adopt IPv6, its technical benefits, lack of backward compatibility with IPv4, and the importance of universal adoption for success. Some large companies have not adopted IPv6, and there are concerns about minimal performance gains and transition costs, leading to a prediction of IPv4 and IPv6 coexisting for the next 20 years."
Next 20 years? Dude, I was being taught IPv6 back in 1997, as part of my network course. It was supposed to be the future back then, and so we were trained, expecting to have to implement it wherever we'd go work.
Yeah... I didn't end up in networks, but I sure as shit did not see it used even once in my career so far. Not a single time. It's kinda hilarious, really.
If we rolled back the clock to 1998 or so, that'd probably be worthwhile. At this point, everything is set for IPv6, and we just need to do it.
A day old IPv6 thread where there isn't some moron arguing NAT is for security? What's going on here?
Thing is, I knew it as masquerade for years before I heard the term NAT.
Linux IPchains from the 2.2 kernel days?
Early version of slackware from around 95 or so.