cancel
Showing results for 
Show  only  | would you rather see results for 
Did you mean: 
Need help?

When will TalkTalk support IPv6

ANSWERED
Reply
Highlighted
Problem Solver

In fairness it's not the consumer which feels the effects of IPv4 address exhaustion, but the organisations on the other side providing services to them. Until ISPs like TalkTalk and Plusnet jump on board the whole migration process is frustrated.

 

Ideally we would be at a point now (or indeed a few years ago) where every connection is IPv6 enabled and IPv6 only services were a possibility.

Highlighted
Team Player

the consumer can feel the pain.. devices inside the network try and rely on weird nat traversal services, or uPNP,  in order to be connectable. Sometimes you find multiplayer games act up. If you and your partner both work from home, you might find you can't both use the corporate VPN at the same time (I have direct experience of this) because of weird nat issues.

with single nat, there's workable solutions, but with double or cgnat, it can become a real mess.

Highlighted
Super Duper Contributor

"NAT was only ever a temporary bodge"

 

Exactly this. When I and a few other people developed NAT routing into a viable solution for dialups in 1991-1993 it was to solve very specific problems relating to _small_ networks of computers behind dialups and we regarded it as a kludge even then as it broke a lot of stuff. Other people developed helpers and automated port forwarders later on, but they're _all_ just kludges on the original kludge.

We had no idea that over the following 20-25 years it would turn into a Saturnian monster that would be inflicting breakage on epic scales, as we were expecting IPv6 to be deployed by then.

IPv4 was an interim kludge solution to a critical shortage of IP address space which was only intended to exist for 5-7 years until the new protocol was finished. That new protocol (IPv5 - aka IPX) turned out to be utterly unusable because it didn't scale. It was already over a decade old when I started dealing with it and it was already clear that shortages were looming on the horizon - the large space isn't intended to be packed full of IPs, it's supposed to be used for routing , like a red/black binary tree - and because of the kludges that were tacked onto it, we've had to come up with mountains of other kludges such as the myriad routing protocols (OSPF, BGP, etc etc) that shouldn't have to exist.

IPv6's 128-bit address space is the same size that IPv4's was originally set out as, until Vint Cerf was browbeaten into reducing it to 32 bits because IPv4 was a temporary fix and 32 bits would last 5 years.

The really ironic thing is that the IETF conference where the BOF engineering meeting was held to "get IPv6 signed off and rolled out before something comes along and locks IPv4 in place for the next 20 years" was the same conference (in the same hall, at the same time, in a room literally two doors down from that meeting) where the first world wide web browsers were demonstrated.

 

"OK, now you need to reboot your computer. .... Um, sir, please stop kicking it."
www.deadtroll.com/index2.html?/video/helldeskcable.html~content
Highlighted
Problem Solver

Fully agree on the NAT issue. Those that argue that NAT offers protection should be aware that IPv6 routers ship with a default inbound policy of "block" on every port, no less secure than NAT.

Highlighted
Super Duper Contributor

"the consumer can feel the pain.. devices inside the network try and rely on weird nat traversal services, or uPNP, in order to be connectable."

 

uPNP is only part of it.

 

- Google Nest Protect is IPv6 only.

 

- Xbox networking is IPv6 native and if you're on a IPv4 provider you need to tunnel (usually teredo)

 

- LoraWan (increasingly used for environmental monitoring) is IPv6 only (you can make it work over IPv4, "kind of")

 

- second/third  generation IoT stuff is moving to IPv6-only

 

- some of the newer PtP communications systems only hold their privacy in IPv6 mode. If they're forced to use IPv4, then privacy is blown.

 

- Virtually ALL the security breaches relating to "Internet of Things" and in particular the widely publicised CCTV camera breaches over the last few years come down to the way these devices punch gaping holes in firewalls by tunnelling out to a static IPv4 host in order to provide a stable connection address (NAT is _not_ a firewall and is no substitute for proper firewall rules - even if it sometimes can have that effect in inbound connections)

   - this is quite specifically down to the lack of IPv4 addresses (there are 4 billion possible IPv4 addresses and _at least_ 20 billion IPv4 devices in the world today) and very poor security coding by makers who think that "oh, I'll just run up a tunnel" will solve the problem with no thought about firewalling the ends.

 

- Nat traversal is a security nightmare on steroids.

 

 - It's hardly a unique problem. The number of times I see "expert advice" to _disable_ security on a network in order to allow some broken software to work defies belief. Why should I compromise MY systems and expose MY wallet to being pilfered because YOUR software is borked?

 

We regard anyone attempting to bypass network security in the workplace as a disciplinary matter and treat this kind of tunnelling stuff as security breaches and we've pushed back _hard_ on vendors pulling these kinds of stunts with substandard software - the ironic thing being that it's things like the £2 million UPS system with 2MW generator and a 4 tonne motor/generator flywheel spinning at 9000rpm which are the most susceptable to security problems and have the least attention paid to keeping bad stuff out (a flywheel like that can go about a mile if it breaks loose from its mounts. It's been known to happen - and we've demonstrated that once past the laughable security a hacker can easily turn off the oil pumps. These things really are that bad. Wind turbines are even worse - and the makers are insisting on direct internet connections for ease of monitoring/maintenance. Not on my watch.)

"OK, now you need to reboot your computer. .... Um, sir, please stop kicking it."
www.deadtroll.com/index2.html?/video/helldeskcable.html~content
Highlighted
Super Duper Contributor

"Those that argue that NAT offers protection"

 

Have zero idea what they're talking about.

 

It offers an illusion of protection, which lasts about as long as it takes for uPNP to open a hole, or someone to setup a tunnel - at which point your entire internal network is as open as what's on the other end of the tunnel.

That's _how_ those breaches via CCTV systems happened (Nest, Ring and others), where the tunnel endpoints were compromised, leading to direct access into the CCTV units, which were trivially broken into (hardcoded passwords) and then used as jumping off points into the rest of the network allowing the bad guys to syphon off data from vulnerable machines which trusted the internal LAN.

 

There were more consumer networks, windows boxes and banking passwords compromised this way than corporate networks, so there _is_ a consumer angle to this.

There is no substitute for proper firewalling rules - and ideally you should be firewalling _outbound_ connections as well as inbound. I can't even begin to explain how many times this precaution has allowed us to spot compromised systems (usually someone's laptop) doing things that they shouldn't be doing.

 

"OK, now you need to reboot your computer. .... Um, sir, please stop kicking it."
www.deadtroll.com/index2.html?/video/helldeskcable.html~content
Highlighted
Team Player

Here's an interesting article about IP, Ethernet, bridges and routers

https://apenwarr.ca/log/20170810

 

One question people might ask... Why don't we drop TalkTalk or PlusNet and go to an ISP which does offer IPv6? Well, I use these cheap services as a backup.. so I want the cheapest ADSL service but I still want IPv6. I'd use Sky but I don't want to use their router. BT are expensive. Static IPs are seen as a luxury my many.

 

At the moment if my firewall detects wan1 goes down, it has to turn off v6 route advertisements, and various things stop working, whilst default route switches to wan2.  Fortunately that's maybe an hour a week. When wan1 recovers, route advs get turned on and default route swung back.

Highlighted
Problem Solver

@speculatrix wrote:

I'd use Sky but I don't want to use their router.


 

They dropped that requirement, it is no longer in their T&C.

Highlighted
Super Duper Contributor

 

Here's what I'd regard as a near-canonical response as it's coming from one of TalkTalk wholesale reseller agents:

 

Randy has sent your account to myself to  answer your questions around supplying you with IVP6.

 

Unfortunately, this is not a product we support or plan to support In the near future. We have never advised that we support IVP6, so we are not breaching any rules or relations put in place by OFCOM.

 

"OK, now you need to reboot your computer. .... Um, sir, please stop kicking it."
www.deadtroll.com/index2.html?/video/helldeskcable.html~content
Highlighted
Team Player

I'm happy with TT not supporting IPv6, so long as they charge me pro-rata for the addressible range of the internet I can access...

 

so multiple my bill by 2^32 / (2^128 + 2^32).. which is pretty much a 100% discount 😉

Highlighted
Team Player
that's odd, I got a notification email that were were some replies and when I came here they'd gone.

stoatgobbler (Super Duper Contributor) posted a new reply in General Technology, Tips & Tricks on 02-10-2020 04:14 PM :
Re: When will TalkTalk support IPv6
Another near-year later and TalkTalk are no closer to offering IPv6
(Despite their sales agents STILL saying they will offer it "real soon now" if asked in phone calls - just checked on that)


stoatgobbler (Super Duper Contributor) posted a new reply in General Technology, Tips & Tricks on 02-10-2020 04:17 PM :
Re: When will TalkTalk support IPv6
Another near-year later and TalkTalk are no closer to offering IPv6
Despite their sales agents STILL saying they will offer it "real soon now" if asked in phone calls - just checked on that
Which they told me back in 2006 when I signed up with them
This thread is now over 6.5 years old and the misleading statements from TalkTalk continue. At what point is it a trading standards issue?
GIven the rapid proliferation of IPv6 only websites and resources, at what point is IPv4-only a "walled garden by stealth"
Remember what happened to Hutchison 3 when they promoted THEIR walled gardens as "Internet access" (Hint: major league legal spankings)
Highlighted
Team Player
Just complain to TalkTalk that you can't get to these websites:

https://loopsofzen.uk/
https://ipv6.google.com

Highlighted
Problem Solver

Until Ofcom become interested in mandating IPv6 support amongst all ISPs, I don't think TalkTalk will do anything unfortunately.

Highlighted
Community Star

There is another topic on this subject where the TalkTalk team have been asked to comment:

 

https://community.talktalk.co.uk/t5/Fibre-Broadband/IPv6-availability/td-p/2406789 

 

I am closing this as a duplicate thread.