Some Telcos and ISPs are Frustrating IPv6 Adoption

An anonymous reader writes: "There are indications that telecommunications operators and traditional ISPs in the country are frustrating adoption of Internet Protocol version six (IPv6) by other networks," reports Nigeria's Guardian newspaper, citing Nigeria CommunicationsWeek. The magazine found 32 networks with IPv6 addresses -- but only three which are using them. And the newspaper cites "a network engineer with a university who does not want to be named" frustrated that their ISP's network isn't IPv6-compatible, so the university can't use its own IPv6 address. "Mohammed Rudman, chairman, IPv6 Council Nigeria, said that most telecommunications operators and internet service providers in the country have not adopted IPv6 which raises the issue of compatibility with other networks."
Firefox has a fast-fallback-to-IPv4 option, which you can disable in about:config (as well as an option to disable IPv6 altogether). But "the Chrome browser supports IPv6 natively and doesn't allow users to decide which protocol to use," reports TechGlimpse.com.

How does your browser perform? Long-time Slashdot reader ourlovecanlastforeve shared a link to Test-IPv6.com, which detects whether "when given the choice, your browser decided it would prefer to use IPv4 instead of IPv6."

Re:Isn't this good?

[johnw]

See RFC4941. You can set up your devices (or device) so that they keep changing their IPv6 addresses, concealing both which is doing what and how many devices you have.

IPv6 is my preferred protocol now

[AlanObject]

I know it is cool here to hate on Comcast but my cable modem service supports it so easily now that I don't see any barrier's to adoption.

I used to use one of my Apple Time Capsules (so shoot me) for my router but when I needed better VPN service I got a $35 Mikrotik and made that the gateway router and the Time Capsules are now bridge-mode Wifi access points behind that.

Fast forward a couple of years and I hear about Comcast has IPv6. I found out that my Mikrotik needed an upgrade for IPv6 support but that was surprisingly painless. Once you have that and turn it on the router gets your IPv6 address assignment from the upstream DHCPv6 server Comcast runs. That gives you a 64-bit "address pool" (which is what Mikrotik calls it) and without doing anything else all your household devices get an IPv6 address according their own capabilities.

Comcast did it right, but you still need the right router software on your end. The Time Capsules didn't cut it but the Mikrotik router did. I can't speak for other products because the router worked and there was no need to try anything else.

Windows no problem. MacOS no problem. Smart phones, TV, cams and all the other junk no problem.

The only reason you need IPv4 at all is because there are still a LOT of servers and services out there that can't be reached by IPv6. But I have had no issue with Safari, Chrome, or Firefox or any other networking application.

The payoff for me is that I run a fair number of VMs out in the cloud. My co-location host is reasonably OK with giving me IPv4 addresses when I need them but now I don't even bother assigning an IPv4 address to a system unless it is for public access. IPv6 straight from my system at home to the VM out there.

Fringe benefit: The public IPv6 addresses, at least those that don't have well-known AAAA DNS records, don't get constantly assailed by bots with dictionary attacks.

Gripe: XenCenter doesn't support IPv6 for management. And it is a mess to try and install a mitigating tool like fail2ban in the XenServer hypervisor. What a pain.

That's my take anyway.

Re:Isn't this good?

[Ramze]

Yes and No. With a proper firewall, no one can scan your network for devices as it should only allow incoming traffic through that is a reply to outgoing traffic. But, sites you visit from IPV6 devices would show their full IPV6 unique ID on your network -- so say... Facebook or Netflix might know exactly how many devices you have at your home that you use to connect to their services.... BUT, they really know this anyway because they scan for device IDs, browser fingerprinting, etc.

NAT is a hack and not a security feature. It has its own security issues as well.

https://www.internetsociety.or...

IPV6 is only bad if you have no proper hardware firewall between your ISP and your network... or if your ISP is spying on your traffic (in which case, you have bigger issues and need a VPN)