Could it be because of the new bandwidth tracking?
Seemingly this gets reverted in a new version
It would be good if it gets rolled out quickly then.
Technically speaking (from the ISP’s point of view, see above on why I have this POV), peering is free (as in no ongoing costs).
You are setting up a route for mutual benefit. You provide transit to your network, they provide transit to theirs. A win-win situation for both parties involved. Instead of traffic flowing to their uplinks (ie wasting “outside” bandwidth), it gets routed through a dedicated peering line.
Ofc there are costs associated with running a cable, but large ISPs do their ROI reports a bit better than small ISPs.
I just wonder how come some gateway exchangers do not want to route IPv6 traffic between each other (EU mostly)?
In the telecoms industry (aka very large ISP range), if a system is working, you never touch it. Not even for configuration updates.
By turning on IPv6, that means you advertise the IPv6 addresses (routes) you run, so that others can find you (and by extension the IPv6 addresses you control). One of them not advertising correctly, breaks everything downstream of it.
Some ISPs may be advertising IPv6 addresses for example, but not turn it on for their customers. Traffic is essentially nullrouted (the proper technical term): it goes into “the void”.
Also, sometimes there are problems with IPv6 even if the ISP isn’t using it.
For example - some switches (older ones) had some bug where they would lock up after receiving some IPv6 packet.
Another example - a combination of a Windows PC plugged directly (no router) and some kind of router or another subscriber makes it that the Windows PC does not work correctly (it uses that router as DNS or something and gets the same IP for every request).
Solution for both - block IPv6 on ACL of every switch.
Another reason is that there is no gain by being the first to use IPv6. Instead, it’s best to be the last one starting to use it (everyone else has worked out the bugs, posted how to do things etc). Customers are not demanding it either. So, why touch something that works?
I would think anything made after 2017 would have proper IPv6 support since the standard became official then. If it was made earlier, then yea there is a possibility it would crash if it received something it didn’t understand.
I don’t get this. Do you mean a different subscriber (ie a different house) blocks your IPv6 connectivity if they come online? That shouldn’t happen, unless the ISP is mixing up its subnet allocations (ie having subnets overlap).
100% with you there.
IMNSHO: The reason IPv6 wasn’t adopted is because it broke backwards compatibility. If it worked with IPv4 (ie IPv4 talking to IPv6 directly, from the get go, not bolted on later) things could be better. For now, I don’t see it being adopted any time soon.
It’s always the old tradeoff.
In 50 years time we will have widespread IPv6 adoption and it will be fit for purpose, enough for every possible address you can think of and eventually A Good Thing.
If you made compromises today in order to keep easy IPv4 compatibility, in 50 years time you’d be pissed off that we didn’t “do it properly all those years ago”.
The second scenario is more common and very annoying.
Let’s have the pain today and a much better infrastructure tomorrow, I say
The single reason IPv6 was created was because of the size of the routing tables.
Allow me to go into a bit more techy details. I’ll only use made up IPs from 1-100 to make things easier for everyone:
The ISP does not use IPv6 at all. I guess some home routers (probably something the subscriber got extremely cheap) advertise something in IPv6 that trips up directly connected Windows PCs. The solution is to either disable IPv6 on the affected PC or block it in the switch. As the ISP does not use IPv6 there was no need to try to investigate how this works in detail. Blocking IPv6 solves the problem and that’s it.
As far as I know, the Windows PC gets an IPv4 address from DHCP like normal, but starts resolving all domain names to the same IP - 192.0.2.1 (it is not used anywhere in the network of the ISP), so the complaint is that if you ping an IP address it works, but try to ping a hostname (or go to some site) and it doesn’t. Blocking IPv6 fixes it, so IPv6 has to be involved in there somehow.
Also, for a while they really tried to impose use cases. I remember when people said that there will be no NAT support for IPv6 because, according to them, NAT is not needed on v6 because there are enough IPs for everyone and it does not matter that NAT can be useful in other ways. As I understand iptables support NAT for IPv6.
Also, IIRC at some point it was not supported to split a subnet into smaller segments than /64, because reasons. If I wanted to have multiple vlans at home I would have to beg my ISP to assign me a bigger block even though with IPv4 and NAT I can manage just fine with one public IP and with IPv6 and without that constraint I could have millions of vlans with their own small subnets.
I’m pretty sure it was also because there are not enough IPv4 IPs for everyone. However, they tried to do too much (instead of just extending the address length) and now we are in this situation.
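Added example, not part of any post in this thread: a Python sketch of how an IPv4-only access network could identify which subscriber port is sending IPv6 advertisements before falling back to a blanket ACL. It assumes the "something" the home routers advertise is an ICMPv6 Router Advertisement (the post does not say so); `inspect_frame`, `sample_ra`, `trusted_macs` and the frame contents are constructed for illustration.

```python
import ipaddress
import struct

ETH_IPV6, ETH_VLAN, ICMPV6, RA_TYPE = 0x86DD, 0x8100, 58, 134
EXT_HEADERS = {0, 43, 60}  # hop-by-hop, routing, destination options

def inspect_frame(frame: bytes, trusted_macs=frozenset()):
    """Return None unless the frame is an ICMPv6 Router Advertisement."""
    if len(frame) < 18:
        return None
    mac, off = frame[6:12].hex(":"), 14
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype == ETH_VLAN:  # skip a single 802.1Q tag
        (ethertype,), off = struct.unpack_from("!H", frame, 16), 18
    if ethertype != ETH_IPV6 or len(frame) < off + 40:
        return None
    nxt, hop_limit = frame[off + 6], frame[off + 7]
    src = ipaddress.IPv6Address(frame[off + 8:off + 24])
    off += 40
    while nxt in EXT_HEADERS and len(frame) >= off + 8:  # walk extension headers
        nxt, off = frame[off], off + (frame[off + 1] + 1) * 8
    if nxt != ICMPV6 or len(frame) < off + 16 or frame[off] != RA_TYPE:
        return None  # fragmented RAs (next header 44) are not reassembled here
    info = {"mac": mac, "src": str(src), "hop_limit": hop_limit, "prefixes": [],
            "rdnss": [], "rogue": mac not in trusted_macs}
    off += 16  # fixed RA fields end here, options follow
    while len(frame) >= off + 8:
        opt_type, opt_len = frame[off], frame[off + 1] * 8
        if opt_len == 0 or len(frame) < off + opt_len:
            break  # malformed option, stop parsing
        if opt_type == 3 and opt_len == 32:  # Prefix Information
            prefix = ipaddress.IPv6Address(frame[off + 16:off + 32])
            info["prefixes"].append(f"{prefix}/{frame[off + 2]}")
        elif opt_type == 25:  # Recursive DNS Server (RFC 8106)
            for a in range(off + 8, off + opt_len - 15, 16):
                info["rdnss"].append(str(ipaddress.IPv6Address(frame[a:a + 16])))
        off += opt_len
    return info

def sample_ra(src_mac: bytes) -> bytes:
    """Constructed RA frame; checksum is zero because the parser ignores it."""
    v6 = lambda text: ipaddress.IPv6Address(text).packed
    pio = bytes([3, 4, 64, 0xC0]) + struct.pack("!III", 86400, 14400, 0) + v6("2001:db8:1::")
    rdnss = bytes([25, 3, 0, 0]) + struct.pack("!I", 600) + v6("fe80::1")
    ra = bytes([RA_TYPE, 0, 0, 0, 64, 0]) + struct.pack("!HII", 1800, 0, 0) + pio + rdnss
    ip6 = struct.pack("!IHBB", 0x60000000, len(ra), ICMPV6, 255) + v6("fe80::1") + v6("ff02::1")
    return bytes.fromhex("333300000001") + src_mac + struct.pack("!H", ETH_IPV6) + ip6 + ra

if __name__ == "__main__":
    print(inspect_frame(sample_ra(bytes.fromhex("020000000abc"))))
```

On a network with no legitimate IPv6 routers the trusted set stays empty, so every parsed advertisement is reported with the source MAC, the advertised prefix and any DNS servers it pushes to hosts.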
What you are describing is considered “normal”. IPv6 takes precedence over IPv4. Since your ISP doesn’t use it, when your computer wants to go to a domain it doesn’t know its IP, it needs to ask its DNS server to find it. The DNS server returns the AAAA record (=IPv6) and the A record (IPv4). Your computer already uses IPv6, even if you didn’t enable it. It’s the fancy new “autoconfig” feature. It thinks it has an IPv6 IP, so it tries to contact the new domain on its IPv6 address. In theory it should failover to the IPv4 after a failed retry, in practice it doesn’t.
Again, new features: It needs a /64 on every vlan (=internal subnet) so that devices can properly use the autoconfig features with “masking” (random IP every lease). Them assigning huge subnets isn’t a bad thing, it’s actually a good thing from a routing perspective (see my previous reply).
There are enough IPv4s for everyone. The problem is that they aren’t “in series”. As ISPs/companies came and went, the assignments got broken up further and further. When you only had a /16, now you could have 256 /24s assigned to 256 different companies. That’s 256 routing entries instead of 1.
Yes, but as I said, at least initially everyone was supposed to essentially get permission (bigger block) from their ISP to be able to have (keep) multiple vlans despite there being more than enough IPs in the /64 block for it. Maybe I do not want to use the autoconfig and instead assign IPs to each device manually (or using DHCP or equivalent with static leases) so I get IPs that are easier to type (I can’t choose the first part, but I can definitely make the IP look like fd12:3456:789a:1::1 fd12:3456:789a:1::2 and so on). But apparently, then I would be “holding it wrong” if I did that. The designers of v6 really figured out the one true way to “hold it” and really dislike that others may have other ideas. At least it looked like that initially.
And the ISP may not want to assign more than a /64 for a simple reason - “pay me more if you want to use vlans in your network, then I’ll give you /63, pay even more and you’ll get a /62”.
There are 4 billion v4 IPs, a bit less once you take out the 127/8, RFC1918, multicast and “reserved” IPs. I’m pretty sure there are more than 4 billion internet-connected devices. So, without NAT, there are not enough IPs for everyone, forcing some ISPs to use CGNAT.
As for the routing table size, well, memory gets cheaper over time, so that probably would not be a big problem for long, though I doubt we are going to see /25 or /26 subnet announcements.
Yes and no. I agree that you should be able to use manually assigned IPs to your devices, breaking away from autoconfig’s /64 requirement. The ISP on its end though needs to “cater to most”. Since a /64 is essentially the “old /24” that everyone uses, that means you need one for each different network segment. One of those segments is your VOIP line. Another one is your router’s guest network. Maybe throw one in for their TV streaming service. They all run on separate VLANS. The ISP has two choices: either keep a dual stack on their end, even though that means working around some technicalities (ie auto route discovery, hence optimizing network usage) or just shove a big chunk of /64s to you: that means going down the /63 (=2 /64s), /62 (=2 /63s, so 4 /64s) and so on. The easiest way is to just cut it at /56 which is 256 /64 subnets. That aligns perfectly with a /16 assignment in a big(ish) network: 256 different network segments, and is what is typically used in 192.168.0.0/16 networks, ie what everyone uses.
A typical user doesn’t need a public IP, so yea CGNAT can be used. There is a deeper rabbit hole though. A /32 (the lowest you can go) IPv4 assignment means 1 IP. 1 IP can’t communicate to anything, since it doesn’t even have a peer to talk to, let alone a network to broadcast multicast packets on. What is the next assignment? A /31=2 IPs. Can only talk to one another, with no broadcast network. The typical assignment by an ISP for you to have 1 public IP is a /30 or 4 IPs: One for the network(=the route on the ISP’s side), one for the broadcast (ie ARP requests), one IP for you and one for the ISP’s router on the other end of your connection. So, one IP for you is 4 wasted IPs. Now multiply that with every customer, and also take into consideration subnetting within the ISP (ie from the ISP’s landing station=where the submarine cable, well…lands on the land, to the core switch, to the leaf switch, to the DSLAM down the road, to your router).
The ISP can get cute and just route everything with bigger subnets, but when I was troubleshooting (let’s go with this, still under NDA) a large network across multiple ISPs, I was seeing their VOIP traffic being blasted to every host on the network. VOIP isn’t typically encrypted, mind you.
Yea, it’s a way long reply, but I needed to do it to show that there is indeed a method to the madness.
Now back to the short version: Using NAT, this is the current state for the RIRs (regional assigners):
Do you think there are enough IPv4s for everyone, considering that ~6 out of ~9 billion people are already online? I think it’s a solvable problem using NAT (including CGNAT).
Just a tip though: NAT isn’t anything bad. It’s PAT (port address translation) you(=people) are having problems with: NAT just takes care of changing 1.1.1.1 to 192.168.1.1. Your packet can’t get through though because the port mapping doesn’t (and can’t) match, since it’s not a 1:1 ratio. If the ISP assigned a range of ports to go with each IP, then it’s a nonissue for 99% of the people.
EDIT: Oops forgot to add re: table size:
It’s not the cost of storing the routing tables. It’s the cost of the ASICs processing those tables.
Finally managed to edit my reply properly
That’s from the ISP POV. From my POV, I have my internal network, my DMZ (where the node is) and so on. Right now I use RFC1918 IPs, but if my ISP gave me a /24, I could split it up to those vlans (and in some places I have split up a /24 of public IPs into many vlans). I can split up a v6 /64, at least now, I think. I should not need to ask my ISP to allow me to use vlans inside my own internal network, especially if the assigned subnet has more than enough IPs. It’s like if I was unable to split up a /24 of v4 IPs.
Not with the ISPs I work with or the ISPs of my home connection. It’s usually /24 (/25 etc if that particular vlan has few subscribers) or bigger.
I have two home connections - one gave me IP with /21 and another with /18 - a single IP in a huge subnet.
As long as equipment supports it a point-to-point connection can use /31 and not waste IPs, but yeah for BGP peer IPs and such I usually see /30.
You misunderstood me. A /64 IPv6 is routed to you. How you want to use it is up to you. Yes you can split it up on your end, but you need to disable autoconfig on your devices. The ISP can’t ask every client to do that, so they go through the path of least resistance: assume that each client’s interface will be autoconf, so send them a number of /64s.
That’s your ISP getting cute with the routing. You are on the same subnet as other subscribers, ie in the same broadcast domain. If they broadcast something on the network, it gets to you as well (=bad for security).
It can, but it breaks a few things on the ISP’s end. Too technical to get into here. As a note, a network can even use a different gateway (ie saving a public IP per assignment) outside its own subnet: it just sends out an ARP request (literally shouting on the network “who has this IP?” waiting for an answer). That slows down things a bit, and is one of the breakages I mentioned (can’t shout if there is no broadcast address, ie in /31).
It’s on the internet, so it either is encrypted or, well, bad for security anyway. Some ISPs I know use switch “traffic segmentation” so the customers do not see each other. As far as I have noticed, most ISPs here have large subnets for customers. The only small subnets I see are when I get a connection with BGP, then it’s usually a /30. For regular customers it’s at least /24 unless the ISP just allocated fewer IPs to that particular vlan. Having each home user on a separate vlan or at least a separate subnet sounds like a waste of IPs. Almost everyone uses routers (even though some of them are stupid) anyway, so there should not be a lot of broadcast traffic.
Well, I remember some time ago one local ISP (I do not remember which) wanted to prevent people from using NAT routers to connect more than one PC or device to the internet. All incoming packets had TTL=1.
Another instance (I do not remember if this was the same ISP or a different one) an ISP limited the number of established TCP connections.
So, somebody trying to allocate the smallest block allowed (especially if it then limits what the customer can do with his internal network) and wanting more money for more would not be that surprising to me.
Honestly, with IPv6 I would very likely still use NAT, probably 1:1 mapping instead of 1:N mapping like it is with v4. Or some combination of both types.
That’s not how business works. The cost is there because there is someone who pays it and also can’t get it any other way.
Care to link to any study that shows this? I’m interested in forwarding it to a couple of former colleagues.