Last year I did a presentation about my 1st IPv6 project. After writing a post titled IPv6 is hard, where I told people that they shouldn’t do IPv6 if they don’t take it seriously, here is a post about how it can be done.
The team lead walks into the office with a crate of beer and asks if we are done with the IPv6 project. We are (we think) and have a beer.
One of my lasts posts made it to Hacker News.
Some people asked if the server survived. Yes it did, just a little more traffic:
In my last post, which made it to Hacker News, I wrote:
"HE can have some funny side effects. In a project a connection to a
development web server sometimes worked and sometimes didn't. The
solution was quite simple. The customer used a split VPN tunnel. IPv4 was
routed via the VPN tunnel and those IPv4 addresses were allowed in the web
servers access list. IPv6 was routed via the normal Internet connection and
those addresses weren't allowed."
This lead to some questions. Why didn’t HE work? Well it did work. Sometimes the IPv4 connection was better than the IPv6 connection, and sometimes IPv6 was better than IPv4. The TCP connection worked. And that is what counts for Happy Eyeballs.
Yesterday I read this toot (German) over on mastodon which starts with “IPv6 is hard.”
No it’s not. It’s different.
I ran across this multiple times: There is an A and an AAAA-record for a FQDN, but the web server is only reachable via IPv4. You can easily test this with curl
$ curl -4 https://github.com -o /dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 273k 0 273k 0 0 3417k 0 --:--:-- --:--:-- --:--:-- 3553k
$ curl -6 https://github.com -o /dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
curl: (7) Couldn't connect to server
When using IPv4 273k are “saved” to /dev/null, using IPv6 we get an error message “Couldn’t connect to server”