Today I want to tell you a real-world story about how we build and market IPv6-only services at ungleich.
In 2013, I founded ungleich to offer Linux consultancy. Being a startup, we did not have a lot of infrastructures ourselves. Whenever customers asked us to provide hosting for them, we referred them to another cloud provider. That was until the end of 2016.
In 2016, requests for Swiss-based hosting grew significantly and we started to consider building our own data centre in the Canton of Glarus. Glarus is a pretty mountain canton in the heart of Switzerland. The region used to host many spinning and weaving factories, most of which stopped working by the late 90s.
How well is Glarus suited to hosting a data centre?
It turns out much more suited than we imagined.
The old factory halls from the spinning and weaving industry are still in a very good state, so we were able to re-use and modernize them, instead of building something new.
Secondly, most factories have their own hydropower plant, so we can run services with 100% renewable energy. And with an on-site power plant, we can use the regular grid as a backup.
The last important part of running a data centre is connectivity and that one surprised us the most. Because most old spinning and weaving companies had their own power plants, the local electricity company needed a way to measure their power production. Instead of using copper cables, they were smart enough to connect the old factories with fibre.
Building and pivoting
We started building a prototype in 2016, which is when the real discussion started in our team: should we go IPv4-only, dual-stack, or IPv6-only?
In the first stage, we decided to configure all virtual machines (VMs) only with IPv6. They were directly reachable from the IPv4 Internet with a static NAT64 mapping. Outgoing traffic was also mapped directly to the assigned IPv4 address.
It turned out that this was not a smart idea in 2016. Within a short time, customers found interesting edge cases. NodeJS would not even resolve domain names via AAAA and other software had IPv4 addresses hardcoded.
So, in early 2017 we entered stage two and switched all customer-facing VMs to dual-stack mode with native IPv4 addresses and routing. This brought us directly to the next challenge: IPv4 exhaustion.
While RIPE has only just recently announced that they have run out of IPv4 space, as an LIR we faced this problem much earlier. The limitation of IPv4 space effectively limits our sales. We could potentially have gone for the option of buying IPv4 space on the market, however, this does not align with our goal of offering sustainable services.
We entered stage three with the new brand, IPv6OnlyHosting.com. Services offered under this brand do not contain IPv4 addresses and they also do not have a statically mapped IPv4 address. They are pure, clean IPv6-only services. And they are also more affordable than their dual-stack counterparts.
Obviously, we did face some challenges until this service became stable. The first one was that customers bought IPv6-only VMs, but did not have an IPv6 connection themselves. So we created a new service, IPv6VPN.ch. This is a wireguard based VPN, which enables anyone to reach the full IPv6 Internet. We have tested it in various economies and haven’t found any economy where the IPv6 VPN does not work. This way, we can ensure that everyone has access to the IPv6 Internet.
The second challenge was that customers wanted to provide services to the IPv4 Internet on their IPv6 only VMs. So we introduced a new service, an IPv6-to-IPv4 proxy. This proxy forwards HTTP and HTTPS requests name-based to the right VM, based on the TLS name indication and on the HTTP host header.
So what is the outcome of pushing IPv6-only services?
Our network complexity is significantly reduced and we don’t need to spend resources on acquiring IPv4 address space. This way we can offer our customers more affordable services.
Best of all is IPv6 made our life at ungleich much more fun. Customers often challenge us to support more IPv6 features and become IPv6 enthusiasts themselves. And we can tell you, this is really rewarding.
From these experiences, we highly recommend taking the same path and offer your services via IPv6-only; you’ll be sure to get a smile from your customers.
Nico Schottelius is an IPv6-Hacker and the CEO of the IPv6-first company ungleich.ch
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.
Awesome post.
First hand view of IPv6 challenges & solutions to same.