
Re: Debian 11: How to disable IPv6



Hello,

On Mon, Jul 11, 2022 at 10:31:36PM -0400, rhkramer@gmail.com wrote:
> On Sunday, July 10, 2022 06:48:10 PM Andy Smith wrote:
> >   Otherwise I'm afraid your claims about IPv6 so far have been quite
> >   bizarre, on the level of "IPv6 ate my homework" or "my father was
> >   killed by a 128-bit integer", and can't be taken seriously.
> 
> From the peanut gallery: I disabled IPv6 quite some time ago.  I don't recall 
> how I did it, but I might have that information in my notes, somewhere.

Are you sure you've done it then? 😀

I don't care whether you disable IPv6 or not, but you seem to care
yet also not remember how you did it, so maybe it is worth checking
that you really did.

After all, in this thread we've already seen:

- one person who forgot they had disabled IPv6 one way and tried to
  do so again in another way, and

- another who thought they had turned off all AAAA (IPv6 address)
  DNS responses, but hadn't.

As mentioned, it is in the nature of this thing to try to work
without you noticing it.

> The reason that I disabled it (which might not be totally logical) is that in 
> IPv4, I have always had my computers (and LAN) behind a NAT device.  

Some people do indeed seem to miss NAT in IPv6. Others say NAT is an
abomination and a proper firewall is what's called for. I'm not
going to bite. 😀

You could maybe just learn how to use ip6tables or nft (or one of
the higher-level tools like firewalld) to block off IPv6 coming in
on your WAN interface while still leaving it working on your local
network. If you care.

The main reason for an eyeball network (one that hosts users that
mainly look at things on the Internet) to make use of IPv6, once
their service providers support it, is for better performance. As
the scarcity of IPv4 addresses bites, more resources on IPv4 are
forced to be behind NAT sharing a small pool of globally routed v4
addresses. This is called Carrier Grade NAT (CGNAT).

CGNAT devices add latency and are expensive to scale. They also lump
misbehaviour of users together. Content networks save money on
scaling and operating CGNAT by putting resources behind IPv6, and
eyeball networks get better performance. Secondarily they get that
separation of reputation from other users of their ISP.

It's not a huge deal yet for those in the American and European IP
regions, but it is increasingly becoming so. Just today I saw an ad
for a new local ISP on Facebook here in the UK, and there were several
angry comments on the ad from gamers saying "latency sucks" and
"they use CGNAT", so already there is increasing awareness of this.

Cheers,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting
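
A sketch of the kind of nft ruleset suggested in the message above, as an added example that is not part of the original post: it drops unsolicited IPv6 arriving on the WAN interface while leaving IPv6 working on the local network. The interface names `wan0` and `lan0` and the table name `wan_guard` are placeholders chosen for this example.

```nft
#!/usr/sbin/nft -f
# Added example, not from the original message.
# Assumption: wan0 faces the ISP, lan0 faces the local network.
define WAN = "wan0"
define LAN = "lan0"

# Create-then-delete so that reloading this file replaces the table
# instead of appending duplicate rules.
table ip6 wan_guard
delete table ip6 wan_guard

table ip6 wan_guard {
    chain input {
        type filter hook input priority 0; policy drop;

        # Replies to traffic this machine started itself.
        ct state established,related accept

        # Loopback and the local network stay fully reachable.
        iifname "lo" accept
        iifname $LAN accept

        # ICMPv6 that IPv6 needs in order to function: error reports,
        # path MTU discovery, neighbour discovery, router adverts.
        icmpv6 type { destination-unreachable, packet-too-big,
                      time-exceeded, parameter-problem, echo-request,
                      nd-router-advert, nd-neighbor-solicit,
                      nd-neighbor-advert } accept

        # DHCPv6 replies to the client port from a link-local server
        # (the request went to multicast, so conntrack cannot match it).
        iifname $WAN ip6 saddr fe80::/10 udp dport 546 accept
    }

    chain forward {
        type filter hook forward priority 0; policy drop;

        # Return traffic for connections opened from the LAN.
        ct state established,related accept

        # LAN hosts may open connections outwards; nothing new comes in.
        iifname $LAN oifname $WAN accept
    }
}
```

Load it with `nft -f <file>` and inspect the result with `nft list table ip6 wan_guard`.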

