Beep boop - this is a robot. A new show has been posted to TWiT…
What are your thoughts about today’s show? We’d love to hear from you!
1 Like
An absolutely fantastic episode, as always! But I’m a little disappointed in the state of IPv6 adoption. Relying on NAT seems like a Band-Aid at best. It’s great that it’s working and has allowed us to get a couple extra decades out of this, but it feels like IPv6 is the real answer that we should be moving to. Both of the ISP’s in my area (Spectrum and AT&T) offer IPv6, but neither enables it by default. Most consumer routers I help people set up don’t enable it either. I usually turn it on for people just because, and never once has anybody complained.
Maybe one day we’ll get there, but it sounds like that ‘maybe’ is not in any of our lifetimes. 
It’s actually desirable I think because NAT is like an auto-configuring deny-by-default firewall. Since a lot of software is very insecure, there are a lot of potential attacks that are mitigated by the devices being behind a firewall and thus being invisible to most attackers.
2 Likes
That’s a good point, but wow in this day and age you’d really expect all consumer-grade OS’s not to respond on any ports by default. Firewalls need to be on by default in this modern, non-fun internet.
Also correct me if I’m wrong, but even without NAT routing on IPv6 there’s still routing right? Can ISPs firewall traffic without NAT?
Yes, the definition of an inter-network involves a router. Basically the Internet is a collection of networks, which are connected together by routers making a bunch of decisions about whether any given packet is “one of ours” or “headed to somewhere else”. This way packets are kinda just hopping along, they don’t need to have their entire route planned out ahead of time.
Sure they could, but then they need very powerful machines to make the correct decisions so quickly when faced with an onslaught of traffic. While there are times when a link in/out of an ISP may be pretty quiet, like 4am when most customers might be asleep, there are times when everyone is awake and many are streaming some video content or something, and that is a lot of packets to inspect, most of which are time sensitive so you can’t be slow doing it.
Hmm… I can understand where you’re coming from, but we just learned that over 50% of the US is already on IPv6, and the likes of YouTube, Facebook, Instagram, and Microsoft are all supporting it. Also when looking at the ISPs’ utilization, it looks like some of them are more than halfway through the switch. So these more powerful machines? Sounds like everyone already has them! Is there such a thing as a “pretty quiet” time for YouTube?
To me it feels like there aren’t as many barriers to IPv6 as I initially thought, and the fact that everything is name-based nowadays only supports the argument that we could make the switch and most people wouldn’t notice.
Those sites are “on” IPv6, but they are also “on” IPv4 and in many parts of the world, the ISPs are still on IPv4 only, so even though those servers can accept IPv6, a majority of visitors will still be coming over IPv4