Imagine a world, where you have IPv6 everywhere. In every office, every home and every network.
Everywhere you are, you have access to public IPv6 addresses. When you want to connect to the computer of a friend to help them, you can just do it. When you want to check out a file from a coworker, you don’t need to connect to the cloud service, but you can just check it out on their computer. Or if you are gaming, you don’t even need a game server, because you can just add the IP addresses of your friends in your game and connect directly.
How easy would it be when you have IPv6, everywhere?
The current situation
Currently, you can be connected to a variety of different Internet connections.
You may already be on a modern IPv6-only network, or a dual-stack network. Or you might be behind a traditional Network Address Translation (NAT) with one public IPv4 address reserved for you, or connected to the Internet through multiple levels of NAT — Carrier Grade NAT (CGNAT).
So how can we manage all these different situations and bring IPv6 everywhere? Let’s have a look at it as we would in a maths class: by case distinction.
Case 1: IPv6-only and dual-stack networks
We already have IPv6 in this scenario and nothing needs to be done. Didn’t you love this type of proof in your lectures, too?
Case 2: NAT with a static public IPv4 address, no IPv6
This is the typical case of landline or cable connections in many regions. You get one IPv4 address assigned to your whole network, which is mostly stable and it rarely changes.
In this case, you can use methods like 6to4 , the classic HE.net tunnel, or a Virtual Private Network (VPN). All three methods will more or less equally bring IPv6 to your destination.
However, in the case of 6to4, your IPv6 prefix will change if your public IPv4 address changes.
Case 3: CGNAT and varying public IPv4 addresses, no IPv6
This is the typical situation in mobile networks, where even the uplink IPv4 address is from either the RFC 1918 or RFC 6598 ranges. Connections usually only work when an outgoing request is created by your device and a corresponding session entry is created in the CGNAT mapping table. Because you cannot receive packets that originate from outside, services like HE.net do not work in this situation.
Historically, Teredo (RFC 4380) used to be an alternative in these situations as well. However, some networks nowadays block Teredo traffic and, in general, the use of Teredo is discouraged.
The viable option, in this case, is the VPN-based tunnel, which actually works in all three cases.
Requirements for rolling out IPv6
Now that we have clarified which technologies we can use, the question is how to bring IPv6 everywhere practically?
In my opinion, IPv6 should always come with three conditions:
- Little cost
- Low installation effort
- Ease of use
Without these requirements, it will be impossible to truly bring IPv6 everywhere, as financial or technical challenges will prevent the implementation.
VIIRB to the rescue
Now, in 2020, I am very happy to announce that the efforts at ungleich have led to an affordable, easy-to-use and versatile solution to bring IPv6 anywhere: the VPN IPv6 IoT Router Box, or VIIRB for short.
The VIIRB is a MIPS-based microcomputer that is about 9 cm³ (3cm x 3cm x 3cm) in size. It is powered by a USB, has a 580 MHz CPU, 128 MB RAM and 16MB storage. Actually, it is not much bigger than an Ethernet port.
How the VIIRB works
When you connect the VIIRB in an IPv4-only network, it will establish a VPN using Wireguard to Data Center Light. From there it gets a /48 IPv6 network routed.
It then uses router announcements on the same network cable to provide IPv6 to every computer connected in the same network.
Additionally, the VIIRB comes with a short-range Wi-Fi network named ‘IPv6 everywhere’. The special thing about this network is that it is IPv6-only. So with the VIIRB, you can test your computers and applications in an environment of how networks will look like in the near future anyway.
The future of the VIIRB
Within a few months, the VIIRB has found friends and users all around the world and I am very excited to see this. However, the goal at ungleich is to make IPv6 truly accessible from everywhere in the world.
For this reason, ungleich is looking for partners who are interested in distributing IPv6 with the VIIRB in their communities. If you are interested, I would love to hear from you at firstname.lastname@example.org or IPv6 chat. Or leave a comment below.
My dream is that one day, one of the five RIRs chooses the VIIRB to provide instant access of IPv6 to their Members.
Thanks for reading; let’s see what the future brings. I wish you a good IPv6 day!
Nico Schottelius is an IPv6-Hacker and CEO of the IPv6-first company ungleich.ch.
The views expressed by the authors of this blog are their own and do not necessarily reflect the views of APNIC. Please note a Code of Conduct applies to this blog.