Forgot your password?
Close
typodupeerror
Network The Internet

'IPv6 Just Turned 30 and Still Hasn't Taken Over the World, But Don't Call It a Failure' (theregister.com) 233

Posted by msmash from the mis-design-by-committee dept.
Three decades after RFC 1883 promised to future-proof the internet by expanding the available pool of IP addresses from around 4.3 billion to over 340 undecillion, IPv6 has yet to achieve the dominance its creators envisioned. Data from Google, APNIC and Cloudflare analyzed by The Register shows less than half of all internet users rely on IPv6 today.

"IPv6 was an extremely conservative protocol that changed as little as possible," APNIC chief scientist Geoff Huston told The Register. "It was a classic case of mis-design by committee." The protocol's lack of backward compatibility with IPv4 meant users had to choose one or run both in parallel. Network address translation, which allows thousands of devices to share a single public IPv4 address, gave operators an easier path forward. Huston adds: "These days the Domain Name Service (DNS) is the service selector, not the IP address," Huston told The Register. "The entire security framework of today's Internet is name based and the world of authentication and channel encryption is based on service names, not IP addresses."

"So folk use IPv6 these days based on cost: If the cost of obtaining more IPv4 addresses to fuel bigger NATs is too high, then they deploy IPv6. Not because it's better, but if they are confident that they can work around IPv6's weaknesses then in a largely name based world there is no real issue in using one addressing protocol or another as the transport underlay." But calling IPv6 a failure misses the point. "IPv4's continued viability is largely because IPv6 absorbed that growth pressure elsewhere -- particularly in mobile, broadband, and cloud environments," said John Curran, president and CEO of the American Registry for Internet Numbers. "In that sense, IPv6 succeeded where it was needed most." Huawei has sought 2.56 decillion IPv6 addresses and Starlink appears to have acquired 150 sextillion.
This discussion has been archived. No new comments can be posted.

'IPv6 Just Turned 30 and Still Hasn't Taken Over the World, But Don't Call It a Failure' More

'IPv6 Just Turned 30 and Still Hasn't Taken Over the World, But Don't Call It a Failure'

Comments Filter:

  • "Not Invented Here" Syndrome (Score:5, Interesting)

    by darkain ( 749283 ) on Thursday January 01, 2026 @03:03PM (#65895199) Homepage

    How may different compatibility deployments are there for IPv6?

    6in4? 6to4? 6RD? NAT64, 6over4? Teredo?

    Think any of those are fake names? Try again!

    And that's just ONE piece of IPv6. Practically everything in the "spec" has at least 2 variants minimum, and its just a royal clusterfuck. When it is described as "protocol by comity", this is exactly the result, and its been a total pain in the ass to have anything reliable at scale.

    You may be on one of the lucky ISPs that has a sane deployment and want to reply with "Well, it works for me!" - that's awesome, and I wholeheartedly mean it. That IS really awesome! But for the rest of us dealing w/ multiple ISPs in multiple regions, its a fucking shitshow to get anything reliable going consistently.

    One IPS I deal with about 18 months ago entirely dropped IPv6 "support" - and now we can pull a single /128 address with no routing table at all. So we have an address that is entirely fucking useless, instead of having a normal block allocation which it was previously. Another ISP I deal with still uses PPPoE, and then uses 6RD over that, so the MTU is trash because both reduce the MTU size.

    IPv6 is a fucking mess, and it pisses me off every day!

    • Literally none of them duplicate functionality, they all do different things or work in different ways. That's not "NIH syndrome" in fact most of them were "invented" in the same place.

      and its been a total pain in the ass to have anything reliable at scale.

      Horseshit. IPv6 works just fine at scale. Heck it works just fine with no end user intervention on small scale just as it does for major providers. Yeah there's a lot to the standard, and most of it you can simply ignore and have a perfectly functioning setup. I literally don't know what part of this you think is a shitshow,

      • And just like daily auto traffic, you have to watch out for the other guy, who didn't signal and is talking on his phone.

        The problem is: There is no standard way, just a bunch of them, because of the many mutant implementations.

        This isn't horseshit, this is the reality of what network engineers have to deal with, not to mention the civilians who are just trying to learn enough to get by. Then they discover that the address space covers most atoms in the known universe, perhaps more.

        Inside various operating

        • There are standard ways, all defined by IETF. For instance, if one has to have NAT66, then there is RFC6296, which is the single official way to do NAT (In IPv4, IETF didn't define any NAT standard, be it static, dynamic nor port). If one wants 464xLAT, there is RFC6877. If one wants Dual-Stack lite, there is RFC6333. In fact, it's IPv4 doesn't have standard ways, and where one has a whole bunch of kludges - CIDR, supernets and all sorts of bizarre configurations due to the address shortage

          • I understand the standards fully.

            It's the implementations and supporting components, from old router, recalcitrant ISPs, end point walled gardens across the planet, and much other gear that may, or not, do one thing (perhaps correctly) and many bad things more commonly.

            Citing standards is fine, it's the implementations that are diffuse, incorrectly installed, with ignorance and even malice towards IPv6 for sins it didn't commit-- just the results when connections don't work, or DNS is incorrectly implemente

            • I agree that the original assignments of IPv4 addresses were carelessly distributed. To be fair, it was done by just one man - Jon Postel, and to be fair to him, it was only supposed to be used by organizations and companies dealing w/ the US government. It was never designed to be used by the world's entire population. Once it was released to do that, things started breaking down, and you started needing NAT and other kludges

              The mistake, if any, was letting IPv4 get released for the purposes of the in

              • And, despite virtues, what happens?

                Why did AT&T get such a massive Class A block?

                Even ham radio got the full 44.

                Then, even more virtuously, IPv6 was invented with no mandates to be interactively compliant, no testing rigor, NADA.

                It's indefensible. The IETF isn't a deity. It takes more to make a massive change after the fact, and look at the statistics, the implementations, the emphasis you cite in education. This is failure, on a broad and stupid scale. I wish it weren't so. But these are facts.

                Astonish

    • Re: (Score:2)

      by Bert64 ( 520050 )

      6in4? 6to4? 6RD? NAT64, 6over4? Teredo?

      These are all completely different things...

      You may be on one of the lucky ISPs that has a sane deployment and want to reply with "Well, it works for me!" - that's awesome, and I wholeheartedly mean it. That IS really awesome! But for the rest of us dealing w/ multiple ISPs in multiple regions, its a fucking shitshow to get anything reliable going consistently.

      Based on stats published by google, apnic, akamai and cloudflare it does indeed work just fine for almost half the world now meaning hundreds of millions of users, and there are many countries where users with working v6 make up a sizeable majority.
      The problem is not v6, the problem is lousy ISPs, and a lousy ISP is just as likely to provide a lousy legacy service too.

      In fact, legacy IP is one of the main reasons why lousy ISPs exist and are not driven out of busi

      • Yeah, developing countries big issue preventing them advancing is lack of IP6 connectivity LOL!

        Oh man, come back down to earth space marine.

        • You don't need to be well informed to see the GP is right on that point. We've run *MULTIPLE* slashdot stories about the IPv4 address space being exhausted and corruption causing developing nations to give up their already limited pool.

          Actually fuck developing countries, many rich westerners are stuck behind CG-NAT. If the OP is a space marine, what's that make you, a deep sea fish?

          • Sure, all those poor people with barely a pot to piss in or food to feed their kids living hand to mouth in countries run by corrupt psychopathic dictators are just thining, "If only we had access to the IP6 address space everything would be ok".

            FFS , get out your basement and go visit the real world.

        • To the extent that they need widespread internet access, yeah, that is the thing holding them back. We had this story just a few weeks ago about AfriNIC having issues w/ a subscriber who was subletting addresses to customers outside the region
    • You're talking about the early days, when transition mechanisms were the norm. That's not been the case for a while now. All those things - 6RD, Teredo,... have now been retired. As for NAT64, that is only used in IPv6 if communication w/ IPv4 nodes is needed, for the simple reason that one uses 128 bit addresses while the other uses 32 bit addresses

    • Re: (Score:2)

      by AmiMoJo ( 196126 )

      It really does seem like a mess of half arsed protocols and spotty support, for basically no gain for the average user. It doesn't solve the problems people have with IPv4, but it does introduce lots of new ones.

  • There is an unintended side effect of IPV4 (Score:5, Insightful)

    by MpVpRb ( 1423381 ) on Thursday January 01, 2026 @03:18PM (#65895229)

    If everyone used IPV6, and every device was independently routable, we wouldn't need to connect to a server to use a device remotely.
    IPV4 and NAT made server connection the only workable option and allowed evil companies to brick devices by shutting down the server or charge outrageous subscription prices to use a device that the user paid for

    • Indeed NAT and the need for port forwarding is a big part of the problem that has made the cloud so much easier to use. The default for any firewall is still going to be to block even on IPv6 but a lot of people would just deploy PnP anyway and then things would just work. What we really need for the IoT that moves about, like phones, is our own address ranges that can be dynamically routed so that we can move and traffic still finds us but our IP is always the same, whether joining from the mobile network,

    • If everyone used IPV6, and every device was independently routable, we wouldn't need to connect to a server to use a device remotely.

      You can VPN into your home network. Though, I guess, allowing the device to be accessed by anyone from anywhere (I mean, you may want to access it from a hotel, so you don't know what your IP would be ahead of time) may be fun too.

      PV4 and NAT made server connection the only workable option and allowed evil companies to brick devices by shutting down the server or charge outrageous subscription prices to use a device that the user paid for

      Right, because otherwise the companies would give up their control, right. They can already do that, just provide a Web UI to the device directly, I can forward a port or use a VPN.

    • Re: (Score:2)

      by AmiMoJo ( 196126 )

      Is that a good idea though? Being routeable from the internet means having to be secure from all the attacks that come from the internet.

      For most people, if they really need that functionality, a VPN or reverse proxy like Cloud flare Zero Trust is a better option.

      I know, it sucks that we have to rely on those things instead of all being free to put our stuff directly on the internet from our home broadband, but look at what happened with email servers. Torrents of spam, hacked servers becoming parts of botn

  • People gave up on the Internet... (Score:5, Interesting)

    by Casandro ( 751346 ) on Thursday January 01, 2026 @03:26PM (#65895251)

    It's actually quite another issue. If you listen to people claiming that "NAT killed IPv6", that is a different point. IP is all about end to end connectivity. There are no special "server privileges" you need on IP-networks. It is like the telephone network. Everybody can do anything. You don't need special stuff to run your own "information hotline", you just get a connection and there you go.

    If a person claims that "NAT is sufficient" it essentially means that they have given up on that. They are contempt with an Internet which does distinguish between those who have a public IP-Address, and those tho are behind NAT. It's a world dominated by large "hyperscalers".

    IPv6 offers another Internet. It offers one, where everyone can simply run their own "webserver" from their bedroom. Everybody has their own IPv6 addresses. There is full end-to-end connectivity, if you open your firewall. There is no need to ask someone for permission to run your own IPv6 "server". It is a network that is free to anybody.

    If you look into the world, you'll find logs of CGNAT, where your ISP is already doing NAT... often at great expense and often multiple times, particularly in poor countries where not even your ISP may have a public IPv4 address. In those areas IPv4 is, essentially, a closed system you cannot participate in. It's like an "Online Service" like AOL or Compuserve. In those places the only way to get actual Internet is via IPv6.

    BTW we are already at roughly half the Internet traffic being IPv6, I've recently been at a colocation facility where they only provided IPv4 at special request... and that essentially just works.

    • I don't want people all over the world connecting to my bedroom. If I wanna host a website I pay an extra $8/mo for VPS

      • Well maybe the Internet is not exactly what you want then.

      • I don't want people all over the world connecting to my bedroom. If I wanna host a website I pay an extra $8/mo for VPS

        Then don't run a web server in your bedroom. And maybe have a firewall that blocks inbound connections by default (which is a side effect of NAT, but absolutely does not require NAT).

        But many of us would like to run servers from home.

    • Precisely! I don't get the negative vibes of The Register in claiming that it hasn't "taken over the world". For something to be a failure, its adaption should have been languishing in single figures, or at 30% tops. Not when it's at the cusp of crossing the 50% mark

      Also, talking about IPv6 being 30 years old is misleading. Yeah, RFC1883 may have been approved then, but since then, there have been boatloads of RFCs, some deprecating previously defined RFCs, such as IPv4-compatible addresses (::d.d.d.d

  • Not everything is name based (Score:3)

    by bjoast ( 1310293 ) on Thursday January 01, 2026 @03:49PM (#65895345)

    "These days the Domain Name Service (DNS) is the service selector, not the IP address," Huston told The Register. "The entire security framework of today's Internet is name based and the world of authentication and channel encryption is based on service names, not IP addresses."

    We are so used to the constraints put on us by IPv4 that we don't even consider what opportunities open up when every single device on the planet has its own globally routed IP address. It's like an abusive relationship. Not all service resolution works on name based principles, nor is it necessarily the best way in all cases (for example in P2P scenarios). Overlay networks, NAT and private addressing are often not really desirable nor strictly necessary, and this fact should affect how we reason about a future internet.

    • Re:Not everything is name based (Score:4, Insightful)

      by whoever57 ( 658626 ) on Thursday January 01, 2026 @06:31PM (#65895667) Journal

      We are so used to the constraints put on us by IPv4 that we don't even consider what opportunities open up when every single device on the planet has its own globally routed IP address.

      Yes, all those opportunities for insecure IoT devices to be compromised.

      • We are so used to the constraints put on us by IPv4 that we don't even consider what opportunities open up when every single device on the planet has its own globally routed IP address.

        Yes, all those opportunities for insecure IoT devices to be compromised.

        So have your router run a firewall that denies inbound connections be default, the same way NAT does. This is a side effect of NAT, but can be done better and more easily by a simple firewall.

      • Those devices shouldn't be on the public internet in the first place. They should be put in a DMZ where other than select internal nodes, no one can access them
    • I didn't quite get Huston's statement. While DNS may be a service selector, routers, switches and other networking gear don't speak DNS, which is a layer 7 service. They need a layer 4 protocol, which would be either IPv4 or IPv6

  • Is it worth it (Score:3)

    by Luckyo ( 1726890 ) on Thursday January 01, 2026 @04:39PM (#65895447)

    The general idea of global internet is that "everyone can connect to everyone". No server needed.

    Concept of this being a good idea died around XP era. When many ISPs still offered public facing IPv4 address. Plug in a PC, try installing windows XP, and it got owned in about 30 seconds after install finishes.

    NAT stopped this zero user interaction worm spreading nonsense. Today, I'd note that one of the big reasons IPv6 is generally not recommended for residential use is exactly this. NAT brings a very powerful layer of security by effectively firewalling off access from outside. While it's no longer XP era, and modern windows is significantly more secure, most people are still so inept at basic IT maintenance, that it's probably best to not let their machines be easily publicly accessible.

    It's good to have IPv6 when you actually know what it's good for and how to set up properly sanitized networking. But for most people, it's much more of a liability than a boon.

    • Re: (Score:3)

      by tepples ( 727027 )

      Is it a good thing that everyone who needs to connect to a home NAS or remote desktop from outside the home LAN be required to subscribe to a relay like Pinggy, Tailscale, or Hamachi, on top of what the user already pays the ISP per year for an Internet connection?

      • Re: (Score:2)

        by Luckyo ( 1726890 )

        If you don't know how to set up something as basic as a proper port forwarding scheme within your local network, you probably shouldn't have public facing devices.

      • Re: (Score:2)

        by davidwr ( 791652 )

        Is it a good thing that everyone who needs to connect to a home NAS or remote desktop from outside the home LAN be required to subscribe to a relay like Pinggy, Tailscale, or Hamachi, on top of what the user already pays the ISP per year for an Internet connection?

        Or have the skill to set up a reverse-ssh tunnel. You still may need to pay a service for a backup method in case the tunnel breaks and doesn't auto-recover if you don't have someone "at home" who can manually recover it for you.

        But as to your question, "is it a good thing" that it's not easy to make something in your home visible from the outside network without having to go to some extra effort or cost? Yeah, I think it is. A small amount of "friction" means 95+% of people won't bother, which means the

        • Or have the skill to set up a reverse-ssh tunnel

          A reverse-SSH tunnel requires one of two things: either your local computer is on a network that can accept inbound connections, or there's a relay ($) in the middle accepting connections from both the client and the server.

          "is it a good thing" that it's not easy to make something in your home visible from the outside network without having to go to some extra effort or cost? Yeah, I think it is.

          I believe there's a substantial qualitative difference between "extra effort" and "cost", especially when the latter is a recurring cost payable to the rent-seekers that run relays.

    • Re:Is it worth it (Score:4, Insightful)

      by Bert64 ( 520050 ) <bert@sla[ ]ot.fi ... m ['shd' in gap]> on Thursday January 01, 2026 @04:54PM (#65895475) Homepage

      NAT is not a security mechanism, it's a kludge to get around a lack of address space. You can operate a firewall without NAT and it works better this way because it's less complex and has less to go wrong.

      Plus devices these days are mobile - sure you have your own firewall at home, but take your laptop to a hotel and theres no longer anything between your laptop and the other guests.

      Malware is still an epidemic, there are still millions of infected machines and new strains of malware coming out all the time. NAT gives users a false sense of security and causes them to be more careless when opening a phishing email or opening a suspicious link.

      Using v6 is better for everyone, otherwise we're stuck in a dystopian world where only a few large companies can host content and everyone else is just a consumer paying the extra cost of CGNAT equipment. This is a return to the controlled networks of aol and compuserve.

      • Re: (Score:2)

        by Luckyo ( 1726890 )

        Except that it is. And its proliferation is what ended the worm epidemic among windows machines connected to the internet. I got to observe this first hand back in 2000s, as that was when I had to administer a residential network for a university campus building. We went from massive worm problem to almost no worm problem overnight when connections were put behind a NAT. Remaining worm problem 100% came from people who wanted a public facing IP without NAT (you could request it and get it).

        So you may want t

        • If someone was handing out public IPs without any firewall, maybe they should have taken a look at that.

          Using NAT requires you to whitelist things you want to open. With public IPs, you should be able to do the same. If the firewall vendor or administrator don't understand that, and jave everything whitelisted by default, it's on them. But this is not a NAT vs firewall issue.

        • It's no more a security mechanism than a simple stateful firewall. And from an administrative standpoint, especially for a university, it's easier and gives you some cover. If someone reports that one of your students was doing something improper, good luck figuring out who the culprit was. With unique addresses you know exactly who it was.

        • We went from massive worm problem to almost no worm problem overnight when connections were put behind a NAT.

          And you could have achieved exactly the same thing at lower compute cost with a stateful firewall. NAT didn't save you from worms, the stateful firewall that NAT requires in order to work did. But you can have the firewall without the NAT, and the result is simpler, more efficient, easier to manage and more flexible.

        • No, it's not. NAT is one thing, and a firewall just happens to be at the same logical location that a NAT is, thereby creating the illusion that NAT is the entity providing the security i.e. the packet filtering

        • Re: (Score:3)

          by Bert64 ( 520050 )

          You could just have easily retained the public IPs, while putting a firewall in front of them. NAT was just added complexity providing no benefit other than reducing the number of legacy addresses required.

          By hiding vulnerable machines behind a firewall you've not actually solved the problem, as those machines will become instantly infected if someone introduces a single infected machine behind the firewall.

          In these days of mobile devices and wifi it is actually FAR more common for this to happen - totally

      • > NAT is not a security mechanism, it's a kludge to get around a lack of address space. You can operate a firewall without NAT and it works better this way because it's less complex and has less to go wrong.

        No, it is not. But it works very well as one...

        I mean sure, to do NAT I need a router, which has a working firewall (right?) , but don't bother me with those details! NAT is the main security mechanism, and leave those pesky firewall rules empty. I could learn something, and we don't want that...

    • Again, NAT is not a firewall. One can have an IPv4 firewall that allows all traffic in both directions, and that network, despite having NAT, will be 100% vulnerable
  • It looks like all the isps that wanted to adopt IPv6 already have, others have grandfathered or purchased IPv4 allocations and just leach off of it, especially Virgin Media in the UK which has a dedicated website about why it hasn't adopted IPv6. With only 2 billion people not on the internet remaining they can easily be squeezed into more CGNAT while IoT usually now uses vpns with their own network laid over the top making their ips irrelevant. The only real problem is websites that still block by IP inste

    • Yeah, at 49%, how is it exactly a failure? A failure would be an inability to go into double figures, or maybe enter the 30% mark

      If anything, the IPv6 community is now exploring IPv6-only and IPv6-mostly options for networks that have chosen to adapt IPv6, partly to reduce the number of attack vectors by abandoning the IPv4 backbone

    • Stuck at 49%? This graph tells otherwise: it has been growing steadily, somewhat linearly, since 2015. We just happen to be at the point where it is 49%

      https://www.google.com/intl/en... [google.com]

      Hopefully this year, we'll cross the 50% mark. Also hopefully, more networks will start going IPv6-only or IPv6-mostly, thereby accelerating adaption

  • Don't call it a failure! I've been here for years
    Rocking my subnets, putting v4 in tears
    Making the packets rain down like a monsoon
    Listen to the router go BOOM!
    Explosions, overpowering the limit
    128-bit towering throughput in it
    Reach the summit, watch the NAT tables plummet
    I'm gonna take the stack by storm and I’m just gettin' warm!
    • 49% is some failure! If anything, IPv4 going from 100% to 51% should be considered alarming, if anyone had their fortunes tied to IPv4. If any company lost marketshare from 100% to 51%, there would be a lot of bloodletting in their boardroom

  • Every device has an IPv6 address these days, in addition to an IPv4 address. Many providers even allow you to use IPv6 exclusively but of course you can't really because sometimes the other end only supports IPv4.

  • On June 6th 2012, we had World IPv6 day, when IPv6 was turned on for a day globally by all major networks, before being turned off. The following year, that same day, IPv6 was turned on permanently, and that was when adaption started.

    With IPv6 adaption now at 49%, this year we should do the converse. On June 6th, we should shut off IPv4 services at all major networks for a day, and see how much of the internet is shut down. Depending on the results, next year or the year after, we should permanently sh

  • IPxl should've had a chance... (Score:3)

    by ArghBlarg ( 79067 ) on Thursday January 01, 2026 @07:37PM (#65895841) Homepage

    It wou;d have been backwards-compatible and given us the expanded address space desired.

    http://bill.herrin.us/network/... [herrin.us]

  • You can fully encapsulate IPv4 in IPv6. There is a reserved range for that. There are also several techniques to relay between v4 and v6. People thought about that, it's just that for a long time nobody cared to do the full switch.

Slashdot Top Deals

Reality must take precedence over public relations, for Mother Nature cannot be fooled. -- R.P. Feynman

Close