IPv6 FTW!

IPv4 is real estate. Supply and demand makes cost rise. Trying to figure proper routes and address translations is a hassle. The only thing IPv4 is good at, is looking like phone numbers.

Above is the always current IPv4 depletion graph by Geoff Huston on February 2nd 2017.

IPv4 address space is depleted in many regions, and it has consequences. The primary problem for IPv4 in the cloud, being a service provider is the shortage of IP numbers to serve SSL traffic from; the security model for SSL certificates once mandated that each certificate should have its own IP number (well... almost true). The advent of Server Name Identification (SNI), has, sort of, removed that restriction; and for all users with fairly modern browsers the transition to SNI is happening without any wrinkles.

But we could do so much better.

Being in the Software-as-a-Service business I would have preferred a full, world wide, switch to IPv6 instead of the introduction of SNI. Because having enough IP numbers I could publish the content for my customers on distinct IPs from several locations around the globe. And not only that; I could manage the traffic per customer at OSI layer 3, the IP layer. Hence I could throttle and DDoS mitigate specific customers, without wasting time and ressources on doing SSL/TLS handshakes and parsing headers. My DDoS prevention toolbox would be much, much bigger and much, much more efficient. Once, when I become the ruler of the universe, I'll make that happen.

Granted, IPv6 addresses are tedious to enter, though efforts have been made to simply the notation. But really, nowadays you hardly ever type in IP numbers — services are discovered, machines are autoconfigured — hardly ever do you need to type in IPs.

When you deploy IPv6 and enforce it, you'll realize just how much of your former everyday IPv4 work, hardware and configuration — was just there because IPv4 did not have the address space needed.

I know it's an old book, but I've enjoyed reading Benedikt Stockebrandts book, „IPv6 in Practice‟, it's a wonderful mix of hands on examples from different unices, architectural overview and best practices: http://www.springer.com/la/book/9783540245247 — read it, and see how the fundamental principles of the construction and design of the internet are withering under the constraints of a depleted address space. Wake up, move on and redesign your setup — it'll be much cleaner, nicer and scalable.

There are many cloud providers doing IPv6, now even everyones favourite cloud provider, Amazon, is rolling out IPv6 support, it was announced during their 2016 AWS re:Invent conference: https://aws.amazon.com/blogs/aws/new-ipv6-support-for-ec2-instances-in-virtual-private-clouds/; enjoy!

I know IPv6 is hard, because it is new; and as a technician, it's hard to be the shepherd leading the businesses through the drought plagued IPv4 valleys of depletion towards sanity. IPv6, live long and prosper.