Update: Screw IPv6 2023-04-18
I saw in my logs that someone was reading this today and figured I should update it... because in the meantime I have [mostly] given up on IPv6. I kind
like the idea of IPv6, and I guess routing [rather than NAT'ing] is the correct way to manage traffic, but Teksavvy's native IPv6 is only static if you are already paying
for a static IPv4 address. This is because the IPv4 address is used to determine part of the IPv6 /56 range you get. I'd say that the reason a static IPv4 should cost a few bucks
a month is because they are low on availability. IPv6 has no such problem and it sucks that Teksavvy wouldn't want customers with dynamic IPv4 to have static IPv6.
Screw IPv6
2019-12-29 For the last few days I have been screwing with IPv6 at home, and at my datacenter location (someone else's home). Our ISP offers
native IPv6 and I have just been avoiding it because (1) I didn't feel like rewriting any of my firewall scripts to use ip6tables and (2) I didn't feel like there
was any reason to care. Lately I found myself thinking that it might be nice to use IPv6 to connect to the machines at my other location because I have a dynamic IP address at home and was thinking that the
native IPv6 I could get for free was perhaps static. Turns out it is. Well, you get a /56 that stays the same when you disconnect and reconnect. I fiddled with just modifying the basic masq'ing script I setup as a router but it was not cooperating. None of my cheapass old router devices supported IPv6, not even the
dd-wrt ones. Then I read somewhere that OpenWRT has good IPv6 support. I had an old Meraki MR12 lying
around that had OpenWRT on it, but I bricked it. I ended up snagging a TP-Link Archer C7 for $20 and the install went totally
crappy. I was able to debrick it with a TFTP upload and found that I like the interface. The LuCI web interface is pretty basic (which
I like) and it is just a router. No torrent client, no PVR, no crap I don't need, just traffic management.
The good news is that simply setting up the PPPoE connection was enough for it to grab up the /56 and start serving it up to the local clients. I could easily ssh to my DNS servers,
and basic IPv6 connectivity was working fine. The bad news is that it didn't go so well when I tried it at my other location. Rather than buying a piece of hardware to run it on I just setup a laptop with Virtualbox
and made an OpenWRT virtual machine. Oh you THINK the fact that it is a crappy VM is the problem, but it isn't. I setup the interfaces and IPv6 worked right away. I setup all the port forwarding and that seemed
okay too. However, when I got home I couldn't ssh to the new IPv6 addresses. I also couldn't use all the old IPv4 tunnels I had setup. All kinds of connections in to the new network were not working. After way too much
screwing around I seem to have discovered that although OpenWRT lets me setup the port forwarding it doesn't necessarily allow the traffic by creating a rule. It also allows IPv6 ICMP traffic,
(and a few other necessary traffic types) but not actual TCP/UDP communications. So I had to start making rules to allow traffic that should have been created by the port forwarding in the first place (or should have been part
of basic IPv6 routing).
The big concern I had about IPv6 was that suddenly machines that were hidden away behind NAT would be
accessible directly. Any services they may be hosting would suddenly be exposed to the wankers at large. Turns out the most annoying thing is finding a gateway device that works that way. Ultimately I think I'd be better
off just working on my own dynamic DNS for personal use and moving on with the world of IPv4. In my digital travels during this experience I came across this article about
the pain that is IPv6 and some of the reasons it isn't really getting any traction. Frankly, if a popular organization (I'm looking at you bunch of assholes Google) were to offer significant advantges to IPv6 traffic
or decent services that are IPv6-only, then I am sure lots of losers would jump aboard the IPv6 wanker train. Those losers would then start making their own IPv6-centric services and at some point, critical mass would
push the monkeys over the IPv6 hurdle. Let's hope it doesn't happen in my lifetime.
Don't get me wrong, I am sure that part of the problem is my shitty job of deploying IPv6... but there is no way it should be that much of a pain in the ass to setup
simple publicly accessible services over IPv6. A significant improvement over IPv4 is supposed to be the lack of having to use port forwarding in order to participate in this
flat peer-to-peer-based network. Well, I am back on IPv4 only now and disappointed but functional.
Merrygold, what do you think of IPv6?