It looks like the entire site is implemented in Javascript, which tries to fetch resources from various HTTPS URLs, some of which are configured to serve only over IPv6, others only over IPv4. But that just requires configuring a normal webserver to serve regular HTTP traffic, which is the bare minimum exposure to exploits any website has.
Either way, a huge thank you from my side as well, this website has been (and still is) a very good troubleshooting tool to fix my IPv6 deployments
The tier 2 support I've talked to has hot patched issues but then they re-surface a few weeks later.
In my particular case there seems to be an odd bug / misconfiguration from my side that makes the router / clients from time to time loose the IPv6 routing. The fallback is... a connection hanging forever. The only fix? Reconnecting to the Wi-Fi to get refresh the DHCP lease.
I debugged it for waay too long, and at this point I'm 80% convinced it's a Mikrotik bug of some sort.
It is sad.
I also saw things were IPv4 was MTU 1500 and v6 was 1492 (presumably because it was 6rd and the network had a lot of PPPoE) and then ICMP needs frag was rate limited which would end up with lots of stalled communications. (It took me a long time to build it, but I have a v4/v6 mtu test site now http://pmtud.enslaves.us )
And then there's he.net tunnels which used to be pretty nice, but now get you flagged for captchas and I've seen periods of 300ms added latency, which I assume means they're being abused. I had to stop advertising the range on my lan because it caused more problems than any benefits.
If your ISP provides reasonable CPE and v6 is enabled by default, most consumer equipment will use it, and most of the high traffic sites are available via v6; I would expect poor v6 routing affects more of their customers than poor v4 routing.
I could not escalate this inside Globe Telecom (no way to reach engineers that understand what a "peering issue" is), and Level3 (the transit provider where all failed traceroutes were going through) did not respond to emails.
Thankfully, it's mostly fixed now - Level3 is no longer the last successful hop on any of the traceroutes. The only failing link is with Evoluhost, and the problem has been traced to a routing loop involving 2001:fe0:4775:1c0::1 inside Globe (that I have no way to complain about).
Today's situation: https://i.ping.pe/j/9/img_j99kbqkn.png
If you are using 24.0 or 24.1 of OpenWRT, there is a catastrophic bug affecting IPv6 throughput. Most recent version fixes it.
Also, look at the price of every v4 address you have to rent, and compare it to v6 and tell me there's no return.
I've practically built an entire career out of finding ways for customers to use fewer v4 addresses and the demand is there because v4 addresses are expensive as shit due to their scarcity.
Which btw, is what ipv6 did. They just needed to enlarge the address space, instead it became a whole redesign that included changes that knowingly made it harder to adopt. That's not my fault. They can make a v7 with a better upgrade path from v4 if they want people to drop v4.
This is just absurd on its face. There are very real human, political, engineering, and financial reasons to not want to upgrade things that are IPV4 only. _SHOULD_ one do this, absolutely, but there's a lot more to it than people pulling the "hard" card. There's a bevy of reasons it IS hard, and very few of them are just obstinate luddites.
If there's no IPv6 support, be an engineer and -make- some: write the software that needs the support, use different vendors that don't break it just because they are actively lazy and can't be bothered to implement RFCs that are, at this point, decades old. IPv4 needs to go away yesterday.
Is anyone happy about it in ipv4 land? No.
I just think it is ironic that the biggest use of ipv6 is cgnat, and it's what they crow about in ipv6 uptake, despite the fact ipv6 is religiously opposed to NATs.
Regular NATs you have control over with poking holes. Cgnat you are restricted to tail scale stuff.
IPv4 works. IPv6 often doesn't. I'd love to see a benefit in ipv6, I see no benefits at all, I can't run an ipv6 only network, so I have to run ipv4, and everything I need runs on ipv4, why do I need to double my workload to run ipv6 and ipv4.
My ipv6 only ssid at home sits idle other than a test vm because when I reach a problem I just move onto my ipv4 only ssid and everything works.
As for "why", because I don't have to faff about with NAT or port forwarding, both of which are terrible. I just put addresses into a AAAA record and open a firewall rule, the way it should be. Meanwhile with v4 I have to port forward all web traffic to one server, then reverse proxy it to its final destination. It's more complicated and fragile to set up, whereas v6 is simple and pleasant to work with.
You can have zero configuration address discovery in a way that is simpler than IPv4.
You don’t need to worry about what happens when you get to over 200 devices on your local network (not unheard of in at home networks when you start adding IoT devices.
You can have stable addresses across ISPs if you bring your own prefix or use a tunnel.
You save money by not renting IPv4 addresses.
You don’t get as easily blacklisted for email delivery since you dot. Share a /24 with a bunch of spammers.
This is before you get into P2P networking without having to rely on a third party relay.
Why is this an advantage? As in, what's the downside to having to port forward?
I don't know what the issue was the last time, and I don't want to know. In particular, I don't want to have to know. When I open the tap, I expect clear, safe, drinking water, not having to debug why the pipe isn't working.
Basic stuff like getting automatically applied dynamic hostnames from the ISP fighting with whatever things are called internally wastes alot of time. I think most devices were getting 4 different addresses for various purposes and the devs had no idea which one they should be using.
I'm sure we were doing it wrong, or used the wrong gear, or whatever. But again, no discernable benefit to anyone involved. If we were located in a place with no IPv4 availability, probably a different story... but we don't. We turned it off except for a few networks that just provide client internet.
It is like carrying a Swiss Army knife in your pocket. Until you start it seems like you’d never need it. Once you do, you won’t live without it.
Thanks for the site for the last 15 years, it's helped me a number of times.
I don't suppose we can donate some money to keep this website up? Or perhaps some company like CloudFlare would like to host a mirror?
lazystar•1h ago
there is an engineer somewhere out there who will get paged on christmas due to a hidden dependency on this site being up, heh. that old xkcd comic comes to mind.
finaard•1h ago
I had my fair share of those as well - a bit over 2 decades ago I've added a CGI script to perform various DNS queries to my website - main purpose at that time was being able to show my customers DNS issues from their Windows boxes tied to corporate DNS.
Eventually some others added it to their documentation, with the most prominent one being OVH - they had a description on how to use my web site in various languages in their domain troubleshooting pages for many years.
I received a fair share of emails of people who were not able to figure out that I'm _not_ working for OVH, and I'm neither interested nor capable in solving their domain hosting issues with them.
They eventually built their own frontend, and by now it's mainly one guy from the Netherlands that now and then demands that I urgently add a new feature to the script.