I don't think that setting is on by default.... Also using adguard home, and it's disabled here, and I'm quite sure I hadn't touched that (as I just replaced the config/router less than 2 weeks ago).
Because the dns Adblock communities in general (Adguard, pihole, and others) have historically had a very antagonistic relationship with IPv6 and dual-stack networks. "Disable IPv6" is still the first recommendation to any support request with these services, both from official support channels and the project communities in general out in forums, discords, and subreddits.
My experiences have been primarily with Pi-hole and its community, but I think the dynamic is shared among many of these projects.
Dual stack networks generate a significant support burden on network services and stacks that were designed and built to operate in legacy IPv4 networks by developers who have little experience with IPv6 or dual stack. The Pi-hole community has spent years fielding support requests and user confusion that stems from DNS requests bypassing the DNS Adblocks because the blocking resolvers don't exist in the IPv6 path for DNS resolution. This means users show up and create a support burden that is trivially resolved by just instructing the users to disable IPv6 which "solves" the failure mode completely and has no immediately obvious downsides that would deter that solution.
I'd push back on the "no downside for users" assertion. There are many benefits for users and the internet as a whole to deprecate and move past legacy technologies like IPv4 and NAT, both of which are the source of considerable developer friction and unnecessary development work.
I think the only people who really care about IPv4 vs IPv6 is a very vocal subset of the tech community that really wants IPv6 to happen. The rest of the world for the most part does not really care for as long as their networking works. Right now both protocols will be here for a very long time to come.
For me personally I had plenty of cases where turning off IPv6 solved issues for me, at no point did configuring IPv6 ever solve anything for me. I think that experience is one that quite a few people have made over the years.
Because from a consumer point of view there is nothing to be gained from IPv6 but a lot of complexity and failure scenarios are added. More importantly though for ad block services and VPN you are better off not having IPv6 because it makes it easier to block down ad network due to the smaller space. Similar reasons why most of email is stuck with IPv4 because IPv6 drives up the cost of reputation management.
I just debugged the inverse problem: IPv4 isn't working on my home network.
It's an IPv6-only service with DS-Lite for IPv4 connectivity. With DS-Lite, the home router tunnels IPv4 packets to a NAT at the ISP called AFTR. The domain of the AFTR is provided via DHCPv6, and is in my case of the form something.aftr.kabelbw.de. This domain currently does not resolve, as denic has some trouble with its DNSSEC configuration.
Luckily I did not disable IPv6 anywhere, so everything except github is working fine!
I tried to get IPv6 working from my home office so I can test an IPv6 deployment that I’d like to do at $WORK.
I got zero help from my ISP, but I managed to set up my gateway (Unifi cloud gateway) so it obtained the IPv6 addresses. But it consistently stops working about 24h later, the local IP addresses just disappear.
I’m at a loss to understand how to fix this, suspect it’s the ISP. At one point they claimed to support v6 but there is zero documentation and I suspect it’s broken.
But more to the point, I really wonder how the hell we are ever going to get broad consumer deployment of IPv6 when someone as technical as me - who used to help run an (ipv4) ISP! - isn’t able to make it work, get support, or even work out what’s going on.
My ISP (AT&T) does support IPv6, and I'm using it now from my home network. The only down side is that they will occasionally re-assign the IPv6 (and IPv4). There's no reason to recycle IPv6 addresses, so I suspect it's done because that's how it's always been done (for IPv4), and for "security" reasons. If I could opt out of those "security" reasons, I would.
My provider does not have native ipv6, but every year or so I configure a tunnel solution to enable ipv6 for my net, and every year I’m running into the same problems, with captchas, weird geoblocks, and resolving delays.
Disable it after a couple of days every time, and wait for my provider to get into the 21 century :-/
jrwren | 20 hours ago
that is terrible and adguard home should be ashamed of themselves
sigio | 14 hours ago
I don't think that setting is on by default.... Also using adguard home, and it's disabled here, and I'm quite sure I hadn't touched that (as I just replaced the config/router less than 2 weeks ago).
adampetrovic | 4 hours ago
For what it's worth, I use adguard on my home network and don't use IPv6 and this setting is unchecked by default (I have never changed it)
runxiyu | 20 hours ago
Why does this exist...
nugget | 20 hours ago
Because the dns Adblock communities in general (Adguard, pihole, and others) have historically had a very antagonistic relationship with IPv6 and dual-stack networks. "Disable IPv6" is still the first recommendation to any support request with these services, both from official support channels and the project communities in general out in forums, discords, and subreddits.
runxiyu | 19 hours ago
That's interesting... is there a documented reason?
(good thing my main home network is not dual stack (as in, NAT64-only) /jk)
nugget | 17 hours ago
My experiences have been primarily with Pi-hole and its community, but I think the dynamic is shared among many of these projects.
Dual stack networks generate a significant support burden on network services and stacks that were designed and built to operate in legacy IPv4 networks by developers who have little experience with IPv6 or dual stack. The Pi-hole community has spent years fielding support requests and user confusion that stems from DNS requests bypassing the DNS Adblocks because the blocking resolvers don't exist in the IPv6 path for DNS resolution. This means users show up and create a support burden that is trivially resolved by just instructing the users to disable IPv6 which "solves" the failure mode completely and has no immediately obvious downsides that would deter that solution.
mort | 14 hours ago
Honestly a reasonable solution. No downside for users, significant reduction in necessary development resources.
nugget | 11 hours ago
I'd push back on the "no downside for users" assertion. There are many benefits for users and the internet as a whole to deprecate and move past legacy technologies like IPv4 and NAT, both of which are the source of considerable developer friction and unnecessary development work.
mort | 4 hours ago
Moving past IPv4 and NAT is a fantasy. It's not happening. IPv4 is here to stay. IPv6 is less certain.
m_eiman | 3 hours ago
IPv6 is better, and we should all have switched years ago.
I don't understand why a vocal subset of the tech community has decided that IPv6 is The Devil and must be complained about at every opportunity.
mitsuhiko | 2 hours ago
I think the only people who really care about IPv4 vs IPv6 is a very vocal subset of the tech community that really wants IPv6 to happen. The rest of the world for the most part does not really care for as long as their networking works. Right now both protocols will be here for a very long time to come.
For me personally I had plenty of cases where turning off IPv6 solved issues for me, at no point did configuring IPv6 ever solve anything for me. I think that experience is one that quite a few people have made over the years.
mitsuhiko | 14 hours ago
For good reason.
runxiyu | 6 hours ago
Why?
mitsuhiko | 4 hours ago
Because from a consumer point of view there is nothing to be gained from IPv6 but a lot of complexity and failure scenarios are added. More importantly though for ad block services and VPN you are better off not having IPv6 because it makes it easier to block down ad network due to the smaller space. Similar reasons why most of email is stuck with IPv4 because IPv6 drives up the cost of reputation management.
srcreigh | 17 hours ago
The TLDR details thing you put here is excellent.
[OP] gowthamgts | 15 hours ago
thank you fellow reader :)
luchs | 13 hours ago
I just debugged the inverse problem: IPv4 isn't working on my home network.
It's an IPv6-only service with DS-Lite for IPv4 connectivity. With DS-Lite, the home router tunnels IPv4 packets to a NAT at the ISP called AFTR. The domain of the AFTR is provided via DHCPv6, and is in my case of the form
something.aftr.kabelbw.de. This domain currently does not resolve, as denic has some trouble with its DNSSEC configuration.Luckily I did not disable IPv6 anywhere, so everything except github is working fine!
doctor_eval | 9 hours ago
I tried to get IPv6 working from my home office so I can test an IPv6 deployment that I’d like to do at $WORK.
I got zero help from my ISP, but I managed to set up my gateway (Unifi cloud gateway) so it obtained the IPv6 addresses. But it consistently stops working about 24h later, the local IP addresses just disappear.
I’m at a loss to understand how to fix this, suspect it’s the ISP. At one point they claimed to support v6 but there is zero documentation and I suspect it’s broken.
But more to the point, I really wonder how the hell we are ever going to get broad consumer deployment of IPv6 when someone as technical as me - who used to help run an (ipv4) ISP! - isn’t able to make it work, get support, or even work out what’s going on.
spc476 | 9 hours ago
My ISP (AT&T) does support IPv6, and I'm using it now from my home network. The only down side is that they will occasionally re-assign the IPv6 (and IPv4). There's no reason to recycle IPv6 addresses, so I suspect it's done because that's how it's always been done (for IPv4), and for "security" reasons. If I could opt out of those "security" reasons, I would.
labria | 9 hours ago
My provider does not have native ipv6, but every year or so I configure a tunnel solution to enable ipv6 for my net, and every year I’m running into the same problems, with captchas, weird geoblocks, and resolving delays. Disable it after a couple of days every time, and wait for my provider to get into the 21 century :-/
sugaryboa | 12 hours ago
Because ipv6 is badly designed and easy to misconfigure, so the most obvious advice is to disable it.
runxiyu | 6 hours ago
How is IPv6 badly designed? How is it easy to misconfigure?
sugaryboa | 6 hours ago
https://lobste.rs/s/xijpr1/ipv6_traffic_crosses_50_mark#c_tvadvv