
Comment by rubatuga

10 hours ago

What are some extensions? Just curious.

IPSec was a big one that’s now borderline obsolete, though it is still used for VPNs and was backported to IPv4.

Many networking folks including myself consider IPv6 router advertisements and SLAAC to be inferior, in practice, to DHCPv6, and that it would be better if we’d just left IP assignment out of the spec like it was in V4. Right now we have this mess where a lot of nets prefer or require DHCPv6 but some vendors, like apparently Android, refuse to support it.

The rules about how V6 addresses are chopped up and assigned are wasteful and dumb. The entire V4 space could have been mapped onto /32 and an encapsulation protocol made to allow V4 to carry V6, providing a seamless upgrade path that does not require full upgrade of the whole core, but that would have been too logical. Every machine should get like a /96 so it can use 32 bits of space to address apps, VMs, containers, etc. As it stands we waste 64 bits of the space to make SLAAC possible, as near as I can tell. The SLAAC tail must have wagged the dog in that people thought this feature was cool enough to waste 8 bytes per packet.

The V6 header allows extension bits that are never used and blocked by most firewalls. There’s really no point in them existing since middleboxes effectively freeze the base protocol in stone.

Those are some of the big ones.

Basically all they should have done was make IPs 64 or 128 bits and left everything else alone. But I think there was a committee.

As it stands we have what we have and we should just treat V6 as IP128 and ignore the rest. I’m still in favor of the upgrade. V4 is too small, full stop. If we don’t enlarge the addresses we will completely lose end-to-end connectivity as a supported feature of the network.

  • > Every machine should get like a /96 so it can use 32 bits of space to address apps, VMs, containers, etc.

    You can just SLAAC some more addresses for whatever you want. Although hopefully you don't use more than the ~ARP~ NDP table size on your router; then things get nasty. This should be trivial for VMs, and could be made possible for containers and apps.

    > The V6 header allows extension bits that are never used and blocked by most firewalls. [...] Basically all they should have done was make IPs 64 or 128 bits and left everything else alone.

    This feels contradictory... IPv4 also had extension headers that were mostly unused and disallowed. V6 changed the header extension mechanism, but offers the same opportunities to try things that might work on one network but probably won't work everywhere.
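
The IPv6 extension mechanism discussed in this thread chains headers through the Next Header field, so a firewall has to walk that chain before it can see the transport protocol. The following is an added example, not code from any commenter: `walk_chain` and `build_sample` are hypothetical names, the packet is constructed with documentation-prefix addresses, and AH/ESP are deliberately not walked.

```python
import struct

# Next Header values (IANA protocol numbers) for the extension headers walked here.
EXT_HEADERS = {0: "Hop-by-Hop Options", 43: "Routing", 44: "Fragment",
               60: "Destination Options"}
UPPER = {6: "TCP", 17: "UDP", 58: "ICMPv6", 59: "No Next Header"}

def walk_chain(packet: bytes):
    """Return (extension header names, upper-layer protocol, payload offset)."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, offset, seen = packet[6], 40, []   # byte 6 of the fixed header is Next Header
    while nxt in EXT_HEADERS:
        if offset + 8 > len(packet):
            raise ValueError("truncated extension header")
        seen.append(EXT_HEADERS[nxt])
        # Fragment is fixed at 8 bytes; the others carry a length field in
        # 8-byte units that does not count the first 8 bytes.
        length = 8 if nxt == 44 else (packet[offset + 1] + 1) * 8
        nxt = packet[offset]
        offset += length
        if offset > len(packet):
            raise ValueError("extension header runs past end of packet")
    return seen, UPPER.get(nxt, f"protocol {nxt}"), offset

def build_sample() -> bytes:
    """Constructed packet: IPv6 / Hop-by-Hop / Destination Options / UDP."""
    pad = bytes([1, 4, 0, 0, 0, 0])          # PadN option filling each header to 8 bytes
    hbh = bytes([60, 0]) + pad               # next = Destination Options
    dopt = bytes([17, 0]) + pad              # next = UDP
    udp = struct.pack("!HHHH", 12345, 53, 8, 0)
    body = hbh + dopt + udp
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    # Version 6, payload length, Next Header 0 (Hop-by-Hop), hop limit 64.
    base = struct.pack("!IHBB", 0x60000000, len(body), 0, 64) + src + dst
    return base + body

if __name__ == "__main__":
    headers, proto, off = walk_chain(build_sample())
    print(f"extension headers: {headers}; upper layer: {proto} at byte {off}")
```
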