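Let us review the networking chapter of an introductory computer science course. IPv4 ran into address exhaustion, so the newer IPv6 was defined. During the transition, one can adopt a dual-stack architecture that uses IPv4 and IPv6 at the same time, or use NAT (Network Address Translation).
First, I recommend that you have a reasonable grounding in networking principles; the ideas I present here may be rather unconventional.
The key point first: I believe the "technical concept" of NAT is what truly solves the address shortage, rather than defining a new IP protocol (meaning one that expands the number of addresses).
IPv6 claims that every grain of sand on Earth can be addressed, but what if v6 also runs out in the future?
Then a future galactic network defines IPv8, with 2^256 addresses, so every grain of sand in the Milky Way can be addressed, and then that is not enough either? Then IPv10 is defined, with 2^1024 addresses, so every mote of dust in the "three thousand great thousand worlds" (trichiliocosm) can be addressed.
Back to reality, though: after all these years the mainstream is still IPv4. A customer of mine joked that when he was learning networking, the textbook said IPv6 was the future trend of the networking world; his child has now grown up, and the textbook still says IPv6 is the future trend.
Hmm...? What happened in the networking world?
In the more normal case, when I go to Taipei 101 I first get to Taipei City, then to Xinyi District, then find Section 5 and No. 7.
The outside of "Xinyi Road, Section X, No. X" is Xinyi District, and the outside of Xinyi, Neihu and Songshan Districts is Taipei City; in a sense this resembles looking at a NAT network from the outside.
In other words, leaving device performance aside, a NAT device could in theory wrap 2^32 addresses behind a single outside IP.
I truly began learning networking in my third year of senior high school (2015); count the period from then until I earned the CCIE, before entering the industry, as 5 years (2019),
and the time in the industry since then as 6 years (2025). I have worked with networking, datacenter and security, and have seen many architectures around the world. Apart from parts of ISP networks and some public cloud services (where IPv4 is also present, so they are dual-stack), I have seen no IPv6 at all in any other production environment.
The interesting thing is... under normal circumstances, why would an end node need two addresses? Nowhere on Earth have I seen "Zhongshan Road, Section 1, No. 2" and "Gongyuan Road, Section 3, No. 4" pointing to the same place.
You can read my article now, which means you are able to access the Internet. Search for the keywords "what is my ip" to see the public IP you are currently using. Whoever your ISP is, your global IPv4 should be detected, but you will not necessarily have a global IPv6. (If your ISP is Chunghwa Telecom, you are more likely to get a global IPv6.)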
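About the features IPv6 has that v4 does not...
1) Anycast: I was once fascinated by the magic of anycast, but a designed and optimized IPv4 network can achieve a similar effect.
2) No broadcast: this looks like a big advantage for a network, but the no-broadcast design applies to the L3 network layer and is meaningful only in the header; an L2 switch will still flood. Broadcast is almost always a negative in most situations, yet IT may rely on the principle of broadcast to achieve specific goals.
3) Stateless Address Auto Configuration (SLAAC): in a network with security protection, this is almost impossible to realize.
By definition, SLAAC and a DHCP failure are clearly different, but their effects are quite close;
SLAAC inserts the network card's MAC into the IPv6 prefix to generate an IPv6 address, but carries no DNS, WINS or similar information;
a Windows computer that uses DHCP but never gets a reply from the DHCP server generates a 169.254.X.X/16 address by itself, where .X.X is random, and it likewise carries no DNS or WINS; set the gateway to 169.254.254.254 (if the system allows it) and it can still access the Internet.
So SLAAC and a Windows host with a DHCP failure both generate a bare address on their own. What they have in common is that hitting a duplicate address is as unlikely as the proverbial blind turtle meeting a floating log; the difference is that IPv6 adds DAD detection.
Of course, playing with DHCP failure this way is not recommended, since the impact of an address conflict can be large or small. I have seen a customer mistakenly set a new computer's IP to the same address as the default gateway, and then...? Then there was a major outage: because the new computer's ARP reply was faster than the default gateway's, some users took the new computer to be the default gateway.
(In theory MAC should be in the same situation as IPv4; MAC addresses may well have run out long ago, but fortunately MAC only works at L2.)
4) Flow control: the flow label field is used to assign transmission priority; in practice, the need to control traffic is mostly met by means of devices or applications.
I once wondered whether the flow label works indirectly, for example with applications quietly adjusting it. In my experiments, the latency and jitter results showed that the presence or absence of the flow label seemed to make no difference. IPv6 is a network-layer protocol, yet it tries to take over the application layer's job.
5) Packet fragmentation: packet size is decided by the endpoints (PMTUD), which is slightly better than IPv4.
Of course there are other features, but in my eyes they are not worth mentioning. So although IPv6 has some features that IPv4 lacks, they are not enough to make IPv6 a revolutionary protocol.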
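The two self-generated addresses compared in item 3, as an added example that is not part of the original post: it forms a SLAAC address by inserting a MAC into a /64 prefix (modified EUI-64) and picks a 169.254.X.X address, then computes how the chance of a duplicate random pick changes with the number of hosts on the link. The prefix and MAC are constructed documentation values, the 169.254.1.0 to 169.254.254.255 range follows RFC 3927, and seeding the random pick with the MAC is an assumption standing in for the operating system's own generator.

```python
import ipaddress
import random

def _mac_bytes(mac: str) -> bytearray:
    octets = bytearray(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return octets

def slaac_eui64(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Address a host forms from a /64 prefix and its MAC (modified EUI-64)."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("SLAAC with EUI-64 expects a /64 prefix")
    octets = _mac_bytes(mac)
    octets[0] ^= 0x02  # flip the universal/local bit of the first octet
    iid = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])  # ff:fe in the middle
    return net.network_address + int.from_bytes(iid, "big")

def ipv4_link_local(mac: str) -> ipaddress.IPv4Address:
    """Random 169.254.X.X pick; the MAC-based seed is an assumption (see lead-in)."""
    rng = random.Random(bytes(_mac_bytes(mac)))
    low = int(ipaddress.IPv4Address("169.254.1.0"))
    high = int(ipaddress.IPv4Address("169.254.254.255"))
    return ipaddress.IPv4Address(rng.randint(low, high))

def collision_probability(hosts: int, space: int) -> float:
    """Chance that at least two of `hosts` independent random picks from `space` match."""
    p_all_unique = 1.0
    for taken in range(hosts):
        p_all_unique *= (space - taken) / space
    return 1.0 - p_all_unique

APIPA_SPACE = 254 * 256  # 169.254.1.0 through 169.254.254.255

if __name__ == "__main__":
    mac = "00:00:5e:00:53:2a"  # constructed MAC from the documentation range
    print("SLAAC :", slaac_eui64("2001:db8:0:1::/64", mac))
    print("APIPA :", ipv4_link_local(mac))
    for hosts in (2, 50, 250):
        print(hosts, "hosts:", f"{collision_probability(hosts, APIPA_SPACE):.4%}")
```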
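I also gathered information from many sources, including textbooks, ChatGPT, and papers from Taiwan's National Digital Library of Theses and Dissertations; almost all of them sing the praises of IPv6 and list the drawbacks of NAT.
Yet why is it NAT, not IPv6, that is widespread today? I can think of the following possible reasons:
1. ChatGPT's answer on the drawbacks of NAT includes breaking the end-to-end connection model, affecting application functionality, making it harder to host services, increasing resource consumption, compatibility with encryption algorithms, and difficulty tracing connections; other textbooks and papers describe much the same.
I have seen vendor A's routers handle these points poorly while vendor C's routers handle them very well, which shows that the key problem lies in the vendor's system design rather than in a flaw of NAT itself.
Another common wording is that NAT "breaks" the end-to-end connection model; I lean toward the word "adjusts", because hiding the internal network architecture is a core function of NAT.
If, as the textbooks say, NAT breaks the end-to-end connection model, shouldn't a proxy count as the same kind of thing? Is it because proxies are mostly used for information security that they enjoy more support?
2. A suspected herd effect? The textbooks say so, and then formal articles and academic papers all cite one another. The herd effect is not necessarily bad, and I am not deliberately talking NAT up, but the objective fact is that parts of the academic description of IPv4, IPv6 and NAT differ from the actual situation.
Google provides an IPv6 statistics site, which shows growth from 0% in 2010 to 44.47% in April 2025; after 15 years, adoption has not reached half.
Building an IPv6 network in a dual-stack architecture does not, in principle, require adding routers (unless the devices or systems are too old to support IPv6); you log in to the routers over the existing IPv4 network and introduce IPv6. In a sense, IPv4 is the management network and IPv6 is the data network.
Against a background of similar years, compare 4G LTE base-station coverage (not user adoption), which grew from 0% in 2009 to 92% in 2024.
When 3G LTE moved to 4G, and even 5G, beyond what the existing mobile base stations could support, more and denser base stations also had to be built.
I believe the cost of building and maintaining base stations is far higher than that of introducing an IPv6 network, yet the coverage of money-burning mobile networks beats IPv6 adoption by a wide margin. This shows that IPv6 is not a revolutionary product.
So looking at today's networking technology, I have come to feel that IPv6 is superfluous. Although IPv4's drawbacks are obvious in academic terms, they are not a problem at all for people or for production needs; on the contrary, IPv4 has absolute advantages for humans: decimal notation and ease of management.
In short, my verdict is: "IPv4 is not a good thing, but IPv6 is simply trash..."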
Let us review the networking chapter. IPv4 has an address depletion problem, so the new IPv6 was announced. In the interim, we can use dual-stack (both IPv4 and IPv6) or NAT (Network Address Translation).
First, you should understand the principles of networking well; my concept may be unusual.
The conclusion: I think the technology of NAT is what resolves address depletion, instead of announcing a new IP protocol (meaning extending the quantity).
IPv6 claims every grain of sand on Earth can be addressed, but what if IPv6 is also depleted in the future?
Then humans announce IPv8 for a galaxy network; it is 2^256, so every grain of sand in the galaxy can be addressed. But depleted again?
And then comes IPv10; it is 2^1024. Loop again?
Let us get back to reality: many years have passed and the main network is still IPv4. My customer said jokingly that when he was a student, the schoolbook taught that IPv6 was the trend. However, by the time his child was in school, the schoolbook still said IPv6 was the trend.
Wow...? What happened in the network world?
In a normal situation, when I go to Taipei 101, I should arrive at Xinyi District and then find the sub-number.
If we exclude device performance, I think a NAT device is able to sum up 2^32 addresses into 1 outside IP.
My time learning networking is 5 years; my industry experience is 6 years.
I have worked with networking, datacenter and security, and have looked at many architectures around the globe. Except for parts of ISP networks and public cloud (which is dual-stack), the other production networks are without IPv6.
A funny question... in a normal situation, why does an end host need 2 addresses? We have never seen 2 addresses pointing to the same node.
You can access my blog now, which means you can access the Internet. You can search for the keyword "what is my ip" to see your public IP address;
No matter who your ISP is, it should detect your global IPv4, but it may not detect a global IPv6. (If your ISP is CHT, you may get a global IPv6.)
About features IPv6 has but v4 does not...
1) Anycast: I was once obsessed with its magic, but we can design or optimize IPv4 to achieve a similar purpose.
2) Non-broadcast: it seems to be an advantage in a network, but this design is for the L3 network layer and is significant for the header only. An L2 switch still floods. Broadcast is usually bad; however, IT may use the broadcast principle to achieve some tasks.
3) Stateless Address Auto Configuration (SLAAC): in a network with cybersecurity protection, it is very hard.
Technically, SLAAC and DHCP fail are different, but the effects are similar;
SLAAC can insert the MAC format into the IPv6 prefix to generate an address, but it has no DNS, WINS and so on;
If DHCP fails on a Windows PC, it will generate a 169.254.X.X/16 address by itself; the X.X is random, and it has no DNS or WINS either. The gateway can be set to 169.254.254.254 (if the system permits), so even if DHCP fails on Windows, it is still able to access the Internet.
So SLAAC and DHCP fail both generate an address by themselves. The shared characteristic is a very small probability of a duplicate address. The difference is that IPv6 has the DAD (Duplicate Address Detection) function.
Of course, the DHCP fail method is not suggested, because the effect of address duplication may be big.
My customer made a mistake and set the same address as the default gateway, and then? Network flapping! Because the new PC's ARP reply was faster than the default gateway's, user(s) thought the default gateway was the new PC.
(MAC may have the same result as IPv4, that is, address depletion, but luckily it works at L2 only.)
4) Flow control: the flow label field can assign transmission; actually this demand is adjusted by the device or application.
I had guessed at how the flow label works, such as the application adjusting the flow label field. According to my lab, in the results for latency and jitter, the flow label seems to be without any effect.
IPv6 is a protocol working at the network layer, but it seems to attempt the application layer too.
5) Packet fragment: packet size is decided by the end host (PMTUD); it is a winner over IPv4.
Of course IPv6 has other features, but I think they are not important. So, from the above, IPv6 cannot be a powerful protocol.
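A check for the address-conflict incident described under item 3, as an added example that is not part of the original post: it reads ARP replies in the order they were seen and reports any IP claimed by a second MAC, with the default gateway pinned to its known MAC. The log format, addresses and MACs are constructed (documentation ranges), and the pinned gateway MAC is assumed to be known from inventory.

```python
from collections import defaultdict

# Constructed sample: "<seconds> <sender-ip> is-at <sender-mac>", one ARP reply per line.
# At 4.310 a new PC answers for the gateway IP just before the real gateway does.
SAMPLE = """\
0.000 192.0.2.1 is-at 00:00:5e:00:53:01
0.120 192.0.2.25 is-at 00:00:5e:00:53:25
4.310 192.0.2.1 is-at 00:00:5e:00:53:99
4.312 192.0.2.1 is-at 00:00:5e:00:53:01
9.800 192.0.2.40 is-at 00:00:5e:00:53:40
12.050 192.0.2.25 is-at 00:00:5e:00:53:77
"""

def parse(text):
    """Yield (timestamp, ip, mac) tuples; reject lines that do not match the format."""
    for number, line in enumerate(text.splitlines(), 1):
        parts = line.split()
        if not parts:
            continue
        if len(parts) != 4 or parts[2] != "is-at":
            raise ValueError(f"line {number}: unexpected format")
        yield float(parts[0]), parts[1], parts[3].lower()

def find_conflicts(text, gateway_ip, gateway_mac):
    """Return (timestamp, ip, mac, reason) for each newly seen conflicting claim."""
    seen = defaultdict(dict)  # ip -> {mac: first time this MAC claimed the IP}
    alerts = []
    for ts, ip, mac in parse(text):
        if mac in seen[ip]:
            continue  # this IP/MAC pairing is already known
        seen[ip][mac] = ts
        if ip == gateway_ip and mac != gateway_mac.lower():
            alerts.append((ts, ip, mac, "gateway IP claimed by unexpected MAC"))
        elif len(seen[ip]) > 1:
            alerts.append((ts, ip, mac, "duplicate IP: second MAC seen"))
    return alerts

if __name__ == "__main__":
    for alert in find_conflicts(SAMPLE, "192.0.2.1", "00:00:5E:00:53:01"):
        print(*alert)
```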
I have collected a lot of data, including schoolbooks, ChatGPT, theses and so on. They almost all acclaim IPv6 and list the disadvantages of NAT.
However, why is the popular one NAT, not IPv6?
1. ChatGPT answers that NAT's disadvantages include breaking the end-to-end session model, affecting applications, being hard for servers, resource consumption, security, tracking sessions and so on.
These disadvantages are trouble with vendor A but fine with vendor C. The root cause may be in the vendor's system design, not NAT itself.
The schoolbook says NAT "breaks" the end-to-end session model, but I prefer "adjusts", because hiding the internal network is the main function of NAT.
If the schoolbook uses the word "break", then the proxy also...? A proxy is usually used for information security, so it gets much approval?
2. Similar to the bandwagon effect?
Google provides IPv6 adoption statistics. You can see it was 0% in 2010 and grew to 44.47% in Apr 2025. 15 years have passed, but the growth is very slow.
When adding an IPv6 network in dual-stack, you should not need to add router(s). You can log in to the router over IPv4 and then import IPv6. So IPv4 is the management network and IPv6 is the data network.
Compare 4G LTE coverage (not client popularity): it was 0% in 2009 and grew to 92% in 2024.
When 3G LTE upgrades to 4G or 5G, you need to add more LTE.
I think the cost of LTE is more than importing IPv6. So IPv6 is not a powerful product.
So looking at today, IPv6 seems unnecessary, extra, not trendy. I know the disadvantages of IPv4 exist; however, they are not evident trouble for humans or production. On the contrary, IPv4 has good advantages: decimal, easy to manage.
In summary, my comment: "IPv4 protocol is not good, but IPv6 is trash".
