Why dynamic IPv6 subnet allocations for home users are evil

23 June 2009

Currently, a typical home Internet user will be assigned one IP address from their ISP, and then use NAT (Network Address Translation) to share the Internet connection among all their computers. The IP address assigned by your ISP is dynamic, and that is not a problem for the average home user, or even your typical power user.

Setting static IPs on computers is not all that uncommon, even among home users, excluding only the very most technically-illiterate ones. For example, your home router might be, and the other desktops in your house might be,, and so on. Then, if somebody drops by and wants to use your WiFi, they might be assigned an address via DHCP, such as

This won’t work in IPv6 if, and only if, ISPs choose to make your subnet allocation dynamic. I urge ISPs to assign static IPv6 subnets to all their customers.

Why? Well, let me give my reasons. In IPv4, all the home machines in the above example are behind a NAT. This means the private IP address ( gets dynamically translated to your public IP address (

Because of the absence of NAT in IPv6, this can’t happen! Your machine’s IPv6 address is tied to the subnet allocated to you by the ISP. And if your ISP changes your subnet every time you connect to the Internet as they currently do with IPv4, your static IPs will break horrendously.

I am aware of site-local and unique local addresses. These addresses are designed to be used only in a local situation, and not routed to the Internet. In theory, this could solve the problem, by allowing you to have a static local address, and a dynamic global address. In practice, this will not work because:

  • Site-local addresses have been deprecated by RFC 3879.
  • Unique local addresses are considered to be global addresses by current OSes. Wikipedia says that “despite the restricted, local usage of these addresses, they have a global address scope”, which means that your computer will assume either one can get to the Internet.
  • Thus, your source IP may be wrong, and your packet may be filtered and rejected by your ISP, or you may never get a reply, as the message won’t be able to get back to you.
  • Having both unique local and global addresses are confusing to the end-user, unlike link-local addresses, which are clearly marked as such, and are generally non-routable.

Finally, we must look at the reason why dynamic IPv4 addresses are assigned in the first place. I believe the main reason for this is to conserve space. With most of their address space used up, ISPs would have to count on all of their customers not using their Internet connections at the same time. Dynamic IP addresses means they can effectively over-subscribe their puny IP allocations.

In IPv6, this is not necessary. ISPs typically get a /32 allocation, which if you’re not familiar with CIDR notation, is bleeping huge! With a /32 allocation, an ISP could allocate more than 4 billion /64 subnets (which are suitable for a typical household) to each of their customers. I don’t think any ISP in the world has 4 billion customers, and if they did, they could get a /31 allocation, which would give them about 8 billion /64 subnets. Plenty of space for static allocations for everyone!

In conclusion, I’d like to summarise what I’ve been trying to bring out:

  • People that like to set static IPs on their machines will have them break if their subnet changes.
  • Site-local and unique local addresses only add to the problem, not solve it.
  • There is enough IPv6 address space in a /32 for everybody to have a static subnet.
  • There is no business advantage in giving out dynamic subnets. Do the best thing by your customers and go static.

So, dear ISPs of the world, please make static IPv6 subnets a part of your standard offering — not a “paid upgrade” or anything silly like that. It might work in the NAT’ed world of IPv4, but you will do your IPv6 customers a disservice.

Thanks for reading. :)

30 replies

  • Glen Turner says:

    I don’t get it. Why would your machines have static addresses in the first place?

    Imagine the ISP allocates a /64, dynamically or otherwise. Your router then *bridges* that. Your machine autoconfs. Any second or third machine you want to run also autconfs — at no additional expense to the ISP, since they are running stateless DHCP.

    In short, NAT routers appeared because ADSL bridges could only support one IPv4 client. But ADSL bridges can support an infinite number of IPv6 autoconf clients. So there’s no need to route IPv6 at all, let alone NAT it.

    • Aqua Regia says:

      Static IP addresses have their uses in the home. I use a one wire bus for meteorological data that connects to protocol translator which I can address. Without a fixed IP address I would have great difficult writing (and securing) software that controls and reads this sensor network for calculations and display.

      This also controls a number of devices around my home like a pellet stove, lights and wood stove. Dynamic addressing of these controls would cause endless grief. Especially since I add automation as quickly as I have the time.

  • Jeremy says:

    I’m not advocating NAT for IPv6, nor am I lamenting the loss of NAT. I’m saying that NAT had the side-effect of making your private-side IPs fairly consistent and static, despite the fact that IPs are dynamic.

    I know I use static IPs all the time when configuring stuff. I can remember my server’s IP address, 2001:44b8:62:50::1, but there’s no way I’m going to remember the dynamic IP addresses, like 2001:44b8:62:50:21b:fcff:fe25:42e7.

    Our server’s IPv4 address is There’s lots of stuff hardcoded to that address. If it changed, things would probably break. Our server’s IPv6 address is hardcoded to 2001:44b8:62:50::1. Things like our DNS would definitely break if that changed.

    Luckily, Internode’s Hexago broker remembers our subnet, so it is static for now. But what if one day they chose to change our subnet? Our server’s IPv6 address would change to something like 2001:44b8:62:beef::1, and break all the configuration, while the IPv4 address,, would still work.

    That is what I’m getting at. In IPv4, because of NAT, the dynamic IP changing has no ramifications on your internal network’s configuration. In IPv6, all the internal IPs are based on your assigned subnet. If that subnet is changing all the time, then…it’s painful.

    Not to mention the fact that if your line drops out and in again, and your subnet changes (as it does with IPv4 — every time it drops out we get a new IP), because of the nature of Router Advertisement/Discovery, the machines will still have their old addresses which are broken, as well as new ones.

    All stuff we wouldn’t have if ISPs gave out static IPv6 subnets. I don’t know whether any do or not — the purpose of this post is to make sure everyone offers static ones from the get go.

  • Bob Muckley says:

    The bigger problem is management of static assignments. Yes yes, it should be simple but with millions of customers managing N million subnets statically assigned to customers becomes hard. Also one /64 is not good enought, the current ISP thinking is leaning towards a /56 to a home, which I think is way overkill. Remember a /64 is only 1 subnet which sucks as most homes are multiple subnets these days. Think of a wireless LAN behind a Home router. Or guest wireless LAN, or multiple layers of internal LANs with firewalls. The problem is that even if this is assigned via DHCP-PD, nobody has created a DHCP-PD Client/Server to re-delegate the /64 to downstream subnets. The other issue is aggregation of addressing and routing which then requires a much larger subnet to be allocated to each aggregation router, which means address space starts getting eaten up real quick. Also if you need to move a customer to a different aggregation router because of capacity, you can’t guarantee keeping a static address for a customer. Address Management is not simple on the ISP side. And keep in mind that without NAT a Firewall will be required which allows out by default in blocked. Anything but will probably void any support from the providers as w/o a firewall all internal devices are at risk and if you have security issues or become a bot you will be terminated. This all starts to blow the IPv6 dream of open to everything. The other thing to keep in mind is that all these NAT’d subnets in the network now in a full IPv6 world have to be publically addressed and IPv6 only has 2 power of 2 more subnets. Trust me it is going to run out and there are already people starting to try to figure out what to do next.

  • Jeremy says:

    With regards to /56′s, yeah, it is a bit overkill. Internode currently offer /60′s to trial participants, which gives me 16 /64′s to work with. (I’ve only used two so far.)

    And DHCPv6-PD kinda sucks. I tell you what, it’s painful to keep running all the time, and yeah, re-delegation isn’t possible.

    Thank goodness the only thing Internode use DHCPv6-PD for is updating their routing tables so they route your static subnet to you. Otherwise I’d commit suicide.

  • Bob Muckley says:


    I would be very interested in the issues you experience with DHCPv6-PD. Is it problems with vendor implementation, RFC design, or re-delegation as I stated. I am going to try to push the re-delegation capability through the standards.

    The other issue I didn’t mention is getting customers to properly configure or pre-configuring static addresses to everyones cable modem or Home Router is a nightmare and not realistic. So…… a dynamic assignment to customers is really the only supportable model. Static addressing will of course also be available.

    I am currently trying to design the IPv6 strategy for our company and trying to weigh the balance of all these issues. I also prefer a /60 or a /59 at most. 16-32 subnets per subscriber is more than enough for a home and it still doesn’t eliminate the ability to offer more for specialized situations, but honestly if someone wants more they would more than likely also want a static assignment.

    Any other issues with IPv6 service would be of interest to me, as I would try to account for most of them to make our customers as happy as they can be; and in turn our support staff happier.

  • Brad Landis says:

    What is stopping an end user from subnetting a /64 to a /68? They have **twice as many** IP’s as the internet has in existence right now, so there’s no reason to stop it.

    • Jeremy says:

      Go on. Use a /68 then. Nothing will break, oh, except SLAAC. Not like that’s important or anything. ;)

      Yep, that’s right. If you use anything smaller than a /64, Router Advertisement ceases to work. That’s because the EUI-64 scheme for auto generating your address needs all 64 bits. (I kinda wish they’d let you use a /96 and then autogenerate your address with EUI-48, but I can’t talk, ‘cause I didn’t write the RFC.)

    • Brad Landis says:

      Wow, that’s just dumb. I don’t see how any house is going to use 16 quintillion addresses. Even if there were $0.99 addressable devices, Bill Gates couldn’t even buy enough devices to fill up the network. I wonder what they were thinking.

  • AC says:

    I like my dynamic IPv4. I don’t want my IP address to be a second phone number, that once in the wild could be used to attack me by anyone.

    • Jeremy says:

      That’s why Windows Vista by default makes the host portion (the last 64 out of 128 bits) of your IPv6 address completely random. You can also do the same on Linux by running sysctl -w net.ipv6.conf.all.use_tempaddr=1.

      That random address is different on each host, and is regenerated on reboot. Not only that, but it is 64 bits long, whereas only about 8 bits (or at most 16 bits) of your IPv4 address are actually random.

      A random bot on the Internet will have a much easier time attacking you on IPv4 than on IPv6, where it is orders of magnitude more hit-and-miss.

    • K Alm says:

      Yes, but you, and only you, will be on that subnet. Whereas with IPv4, you could be any address on that subnet. So if skiddy Joe over there decides to DDoS you for a day or two, there’s nothing you can do about it.

  • Lotu says:

    Bob makes a very good point about address management at the ISP level. So static prefixes aren’t really an option. Besides you want to have any device we reachable no matter where it moves in the network. For example if I want to reach my laptop I shouldn’t have to know if it using wireless or pluged in the the Ethernet at this moment. Or if I add a gigabit Ethernet card I to a computer I don’t want to have to find out what new address the DHCP sever gave it. Thats why you have a DNS. The real solution to your problem is to have a DynamicDNS server in all routers. This way you can refer to your computer as “black” instead of “2000:34f3:3984:3afd::1″.

    • Jeremy says:

      Dynamic DNS falls over flat when you need to maintain state. Particularly TCP state.

      You can maintain TCP state with statically assigned IPv6 subnets (and mobile IPv6 is something to look into for roaming devices, although that is not much different in practice).

  • that engineer guy says:

    your desire to have easy-to-remember IPv6 addresses for internal management clashes with the entire, ENTIRE concept of IPv6. take it to the RFC board and see if they want to redesign for IPv8 (:
    learn to love autoconf. forget DHCP and subnet-based management. adapt.

    • Jeremy says:

      Had you actually bothered to read my post, including my comments below, you would know that having easy-to-read IP address has absolutely nothing with what I’m trying to say.

      SLAAC is not only perfectly compatible with what I’m arguing for, it is one of the main parts of what I’m trying to fix. With dynamic subnets, SLAAC is actually the #1 thing that will break — or will appear broken. I want to help preserve that, and the only way around that is to statically allocate customer subnets.

  • madsara says:

    “In short, NAT routers appeared because ADSL bridges could only support one IPv4 client”. This is fully untrue.

    First of all, by definition a bridge is not a layer 3 device, it’s layer 2. It doesn’t care about the upper layers, it just forwards layer 2. The ADSL bridge has absolutely nothing to do with IP.

    So you may mean to say “ADSL router”.

    Most xDSL providers tend to use PPPoE. One can bring up multiple PPPoE sessions over a single ADSL bridge. Each of those sessions can have their own IP assignment (assigned by the NCP/IPCP phase), whether it be a /32 or whatever netmask.

    Want to assign a /24 to a PPPoE session? That can be easily done.

    If PPPoE isn’t used, the connection is Ethernet (generally over ATM) and yes, it can support whatever assignments you want.

    I’ve never encountered a xDSL router that could not route a netblock > /32. Generally, it’s the end-user not knowing how to properly configure such a device.

    NAT came about as a (ugly) way to minimize IP exhaustion.

  • Gavin says:

    NAT came about because static IP’s were expensive for the less fortunate, and most routers incorperated a firewall. I don’t like the idea at all of one public address on every single device either.

  • Rui Monteiro says:

    I believe that locally, machines communicate only with the Link-local IPv6 Address, that isn’t routable to the exterior!

    So, it doesn’t matter if the first 48 or 56 bits given by your ISP are dynamic or not, internally, in your LAN, only the last 64 bits count for local communications (fe80::/64). You refer the RFC 3879, but that is for fec0::/10 range, not fe80::/64! See wikipedia:

    * https://en.wikipedia.org/wiki/Private_network#Private_IPv6_addresses

    You say:

    “Because of the absence of NAT in IPv6, this can’t happen! Your machine’s IPv6 address is tied to the subnet allocated to you by the ISP. And if your ISP changes your subnet every time you connect to the Internet as they currently do with IPv4, your static IPs will break horrendously.”

    From what I know, the ISP doesn’t define the subnet, the last 16 or 8 bits from the first 64 ones are not defined by the ISP, so the subnet is defined by you and it is static because of that!

    In any case, I think that is much more advantageous to the ISP, to maintain static addresses, because there are no reasons to switch addresses dynamical in name of nothing, not to mention, the fact that your actions in the Internet become easily identifiable and traceable by your ISP for legal issues!

    • Jeremy says:

      There are a lot of misconceptions in your post, and it’s hard for me to address them all, but I’ll try and address some.

      Link-local addresses are, in fact, rarely used for anything other than internally for sending ICMPv6 messages and the like. They’re not routable (so they become useless if you have a separate subnet for your wired and wireless networks) and you cannot add one to an AAAA record (as they require a scope ID). Browsers like Firefox also cannot handle URLs that contain link-local IPv6 literals.

      I agree that link-local should be used for this purpose. The point is, lots of stuff is still broken. You have to use your global addresses for lots of stuff that you arguably shouldn’t have to.

      So because you still need global addressing, the subnet allocated to you does matter still.

      The ISP still defines the first 56 or so bits of your address, so being able to address the next 8 or so bits doesn’t improve the situation. If just one bit changes, your configuration is broken.

      For the record, since I wrote this post, I am now working at an ISP, and in the process of deploying IPv6. I have done a trial deployment with dynamic /56 delegation, and have experienced first-hand just how painful it is.

      So the next phase of the trial is using static /56 delegations. It’s a lot harder to implement on the ISP end but the CPE is behaving a lot better.

  • Spencer says:

    It is unhelpful that the original poster, whose blog this is, Jeremy, keeps using the word “subnet”, which is confusing, since it means something a bit different in IPv6 than in IPv4.

    None of this can be news to you, but to clarify terminology, the first 64 bits of an IPv6 address are the “routing prefix”. Some of the documents talk about /48 as the network address, leaving 16 bits for the subnet, but this is kind of like class A, B and C under IPv4, i.e., useless in light of later developments. In classless IPv4, a subnet is whenever you allocate more bits for routing inside a larger (sub)net. Here it just means hierarchical routing.

    Giving out prefixes longer than /64 breaks a lot of stuff. I have a /96 prefix at a colo, and auto-configuration doesn’t work there. I quite agree that we should discourage that. 64 is a lot of bits; it should be adequate for routing. Within your network, you don’t want your ISP dictating your 64 bits of the address; you should be able to use locally administered, universal or temporary random addresses according to your needs.

    Mobile machines, e.g., laptops and phones, have to deal with new prefixes whenever they move (to preserve TCP connections, they would require some form of redirection, a problem phones have dealt with already). This assumes that I could get IPv6 at Starbucks (maybe coming soon with Google taking over that concession from AT&T), but also if I took my laptop to a friend’s house who has IPv6 working wirelessly. If there is an IPv6 address for your refrigerator, it’s going to have to auto-configure, because the refrigerator installers are not going to cope with also having to be sysadmins.

    I agree that if you want to run servers at your home or place of business, you’d like to have a static routing prefix, but I see no reason that the routing prefix couldn’t be allocated dynamically to “residential” customers. They are already served pretty well by zero-configuration DNS. Laptops can see each other on the network without administrative overhead.

    It has been asserted by some that static prefix allocation is an administrative headache. I can testify that auto-configuration works well, though I can’t say that would be true for all brands of equipment and operating systems.

    We do want to have customer control over at least some bits of the prefix. It would be spiffy to have a dynamic prefix be less than 64 bits long, so you could have separate name spaces and access for your Guest network (programmed into your CPE) and the indoor network with your appliances and personal computers. I’m sure you can think of other uses, too.

    Even so, I think /60 is overkill, and /56 is bouncing the rubble; /62 should be fine, plus or minus 1. Certainly /56 would be wasted on most of us. The best argument for /56 is to limit the size of the ISP’s routing tables and has little to do with what the customer wants.

    I have read that FiOS will give out static /56 addresses to their business customers, who have a clear need for static prefixes, since they publish their address using DNS. Currently I run my business with IPv4 /27 (a block of 32 addresses, of which I can use 29), and I’d be happy to get static /60 or even /64 when they FINALLY will sell me native IPv6. In 2025, at this rate.

    I’m using Hurricane Electric’s tunnel broker service for now, and have a static /64 prefix, which I need because of running DNS, but it imposes an additional round-trip delay of up to 20 ms, since I am near Boston and the (IPv4) RTT just to the tunnel server in NYC is 10ms. Native IPv6 would eliminate that. Also, HE will have to stop offering this for free at some point.

    Dynamic addresses don’t have to randomly break the world. DHCP from our local cable ISP (which friends of mine use: Comcast) changes your IPv4 address rarely to never, with months between, if there is no interruption of service. As long as your modem is powered on, it keeps renewing its dynamic address

    One time, Comcast actually sent out paper mail notices announcing in advance that they were renumbering the whole neighborhood, consolidating the address spaces of neighboring towns. It was a service interruption affecting all customers, though brief.

    Persistence of continuously used addresses should apply here to dynamic prefixes; it ameliorates most of the problems. Dynamic means you have the right to renumber, it doesn’t mean you need to do it gratuitously.

    So absent a power failure (which breaks everything anyway; without fiber to the premises or wide-area wireless, a UPS provides only a tiny island of light), it was extremely infrequent to suffer broken connections and windows of unavailability while waiting for dynamic DNS to update and caches to empty.

    For most people not running servers, dynamic DNS has been sufficient, if they need anything at all. (There are non-DNS solutions to finding your machine when it and you are in different locations.) Temporary random “private” addresses can be just as bad if they break existing connections; the operating system should detect persistent connections and preserve them. Some don’t.

    I’d be OK with a small extra charge for a genuinely static prefix. On the other hand, if the hassle *to the ISP* of dynamic prefixes is actually worse than static, I’m OK with “free” static addresses. I’d be paying extra for business service anyway.

    Everything is two-edged. An advantage of a dynamic prefix is that long-term, it protects your privacy a wee bit, since a static prefix is an extremely definite clue to your location, even if the address of your laptop is obfuscated by random address assignment within the other half of the IPv6 address.

    A DDoS attack with only incoming packets could be as effective at saturating your bandwidth as completed connections overwhelm individual machines, and would affect all users of your prefix, not just the targeted address(es). It would be pretty cool if you could end such an attack merely by resetting your modem and getting a new prefix when it came back up.

    That wouldn’t help popular web sites, but many customers could see the advantages. (That also wouldn’t work with Comcast here and now; you’d have to stay offline until your old address timed out, which could be hours, successfully denying you service. It could become a “feature” if the CPE were programmed to request a new prefix on user demand.)

    • Luca says:

      My provider is starting to offer IPv6 connectivity in my area (xDSL). They use PPPoE and something called IPv6cp (which is NOT DHCP, right? For the time being, they’ll be handing out /64 dynamic address, with a promise of static in the near future.

      I’ve been working with IPv4 for almost 15 years, yet I have a hard time wrapping my head around IPv6. Will autoconfiguration take care of everything on my win 7 machines? Also have a couple of unix file servers, and a PAP2T VoIP adapter, which I am pretty sure does not support IPv6.

    • Jeremy says:

      IPV6CP only negotiates the link-local addresses over PPP.

      To get out to the Internet, you either need ICMPv6 Router Solicitation/Advertisement if you just want to use the Internet on the machine that PPP terminates on, or DHCPv6-PD (Prefix Delegation) if you want to allow machines behind the router to access the Internet as well.

      If you fire up your PPPoE session, and discover global IPv6 addresses magically appearing on your ppp0 interface, that’s likely ICMPv6 RS/RA happening automatically.

  • Luca says:

    Thanks Jeremy. I just got an ASUS RT-N66U, which on paper should work. Is anyone using IPv6 for VoIP yet? I’m having a hard time finding a provider that supports it.

    • Jeremy says:

      I don’t know of any IPv6–enabled VoIP providers myself.

      Recent versions of Asterisk support IPv6, but unfortunately IPv4 NAT traversal is disabled if you enable it (which I need), so I cannot make use of it yet.

  • leev says:

    i completely disagree that the ISP should provide static allocation for home users IPv6.
    first, i had myself the same dyn DNS issue and i solved it writing down my own software for a new dyn dns concept. briefly, the dyndns client that you’ll run on your router will also update all IPv6 addresses of your LAN devices based on their MAC addresses (you should try it, is free – more details here (http://www.duia.ro))
    second, in the near future we’ll use “Prefix Assignment in a Home Network” or dynamic IPv6 routing in your multilayered LAN. this RFC is based on OSPFv3 and even if your ISP would give you a fixed ::/56 you might end up with a different ::/64 between one of your home routers and your fridge (if you need more details on how it works you can drop me an email).
    third, dynamic allocation is recommended for ISPs, at least in this trasition period, if we want them to rollout more quickly IPv6. is hard for an ISP to find the best IPv6 allocation plan nowadays and the ideea that they can change the subnet if they want will give them courage. (i speak from my experience here: IPv6 RFCs become obsolete fast enought, some recommends nibble allocation, masks smaller then /126 are not recommended on interfaces because of ND attacks … and so on).
    fourth, many ISPs differentiate between services based on static vs dynamic allocation. if they cannot match the same services as in IPv4 then again, they will delay IPv6 rollout and that’s bad for the customers.

    i personally think this is not the right moment to force an ISP to embrasse IPv6 static allocation but is definetely the time to force an ISP to give you IPv6.

    • Rich says:

      Your software looks nice, but it isn’t usable apart from the service you sell. If I just want to run BIND and have a router that does nothing but forward packets there is no way to do this with dynamic IPv6.

      Really all I need is for printer.mydomain.foo to resolve to the current IP of my printer. I don’t care if it changes every 5 minutes, as long as the printer gets updated with the new IP as soon as it needs to, and the DNS server gets updated with the new IP. The problem is that this seems to be an afterthought – none of the standard tools handle dynamic addressing.

      Most likely ISPs will only change the IP assignment if the router reboots, but that could happen at any time, especially with consumer-level hardware. These routers rarely offer the capability of running custom software on them either – it seems like many don’t even let you disable address assignment if you’re using IPv6 (only for IPv4).

  • Rich says:

    I ran into your blog because I’ve started thinking about how I’ll eventually port my setup to IPv6, and dynamic prefixes would cause a lot of grief unless somebody changes how all the software works.

    Right now I’m using NAT with IPv4 (like everybody). I have a DHCP server which assigns IPs based on MAC (with a pool for guest devices), and those IPs correspond to DNS entries on my DNS server. That works just fine, but it requires NAT.

    With IPv6 I’m not really sure how I’ll be able to handle local DNS. There are DHCPv6 servers that can handle DNS updates, but as far as I can tell those DHCP servers expect hard-coded pools. If I don’t use NAT, then anytime my ISP changes my prefix, then the DHCP server needs to change what IPs it starts handing out (oh, and unless my leases are really short devices may just drop off the network until they’re power-cycled, as the ISP is not guaranteed to only change the prefix when everything in the house is powered off).

    I’d love to use stateless autoconfig, but I’ve yet to see any way to get that to do DNS updates.

    It seems like the whole point of giving every device a routable IP is to make it easy to send packets in both directions, but that doesn’t really work if you can’t tie that into DNS. It seems like the whole IPv6 thing was only looked at from the standpoint of routing packets. Sure, if all you want to support is web browsing it works just fine. However, once you have anything that is a server on the network (like a printer) there isn’t any way to get it to play nicely with DNS.

    • Jeremy says:

      Yes, you are correct in your observations.

      The Microsoft DNS server tries very hard to auto-update local entries with A and AAAA records, but doesn’t get it right all the time, and is prone to leaving behind stale entries. (And not everybody runs a Windows Server at home.)

      It just goes to show, static IPv6 allocations are necessary.

    • Aljoscha Vollmerhaus says:

      I’ve got the exact same problems, I operate quite a few servers at home for testing and developement (self-employed).
      When my provider recently enabled v6 I started thinking about enabling v6 on everything but ran into the exact problems Rich describes.
      Another problem are config files, like my proxy server where i have to define access controls on a subnet basis and a lot of other stuff.

Leave a reply

Change your avatar.