IPv4 and IPv6

There are two Internets

There are two separate Internets, the Old Internet and the New Internet. They might travel over the same ethernet cables or wifi, but they’re quite separate and rarely directly interact with each other.

The Old Internet is built on Internet Protocol version 4. This was first used on ARPANET in 1983. It’s the IP version that launched the modern Internet. It’s what we - or at least the general public - think of as an IP address. Under the covers it’s a 32 bit long identifier, but it’s always displayed as four decimal numbers separated by periods, e.g. “208.87.129.176”.

Despite what film and TV have led us to believe, the four numbers are always between 0 and 255.

The New Internet is not that new. Internet Protocol version 6 was first used in 1998, but it took a while for operating system and infrastructure support to be widespread. It’s a 128 bit long identifier, normally displayed as hexadecimal numbers separated by colons, e.g. “2602:ff16:6:0:1:364:0:1”.

How long has IPv6 been a thing you could actually use? You can see how faded the tshirt Hurricane Electric sent me after I finished their IPv6 Certification is now.

Two networks, two languages

IPv4 machines can only talk to other IPv4 machines. An IPv4 client can only talk to an IPv4 server.

IPv6 machines only like to talk to other IPv6 machines, but there are a bunch of protocols and widgets to help IPv6 clients reach IPv4 servers. It’s critical that we can do that because there are a lot of consumers who are on IPv6 only networks - large broadband providers, cellphone networks - and a lot of servers that only serve traffic on IPv4.

Typically, an ISP might run a network address translation server or similar widget to gateway the traffic from their IPv6-only customers to the IPv4 Internet. That’s mostly fine for browsing the web, but requires more bodges to be layered on top of it to support other protocols. It works pretty well most of the time, but might not provide as good a user experience as real IPv4-to-IPv4 or IPv6-to-IPv6 connections.

(We spent a year tracking down weird network instability with our home ISP, tried every suggestion from the ISP and everyone else we asked, instrumented and monitored our bit of the network and it was just … slightly flaky. On the advice of folks who’d had similar issues we asked them to switch our connection from native IPv6-behind-NAT64 to native IPv4-behind-CGNAT, and it’s been rock solid ever since. Hopefully the new fiber they’re rolling out will give us native IPv6 and a stable connection.)

If your network provider provides both IPv4 and IPv6 it’s easy to configure a machine to support both on the same network interface. This is called “dual stack”, as you’re running both an IPv4 network stack and an IPv6 one. A server can offer the same service on both the IPv4 address and the IPv6 one, and by publishing both an A record and a AAAA record in DNS for the same hostname it can advertise that it offers both.

A dual-stack client wanting to connect to a service - a webserver, say - will look up the A and AAAA records for the hostname, and connect over IPv4 or IPv6. If the service offers both protocols then the client will likely use the whimsically named “Happy Eyeballs” protocol, and connect to both IPv4 and IPv6 simultaneously, dropping the IPv4 connection if the IPv6 connection succeeds.

I do email - do I care about v4 vs v6?

If you’re sending commercial email then there are two main times you need to worry about the network. The first is when you’re actually sending the email. The second is when the recipient retrieves an image or clicks on a link. (You need to care about DNS a lot too, but we’re going to assume your DNS server “just works” and not worry about DNS resolution over IPv6 vs IPv4).

Sending email

IPv4 is the lowest common denominator for email. Everyone accepts mail over IPv4, and many domains only accept mail over IPv4. So, as a sender of email you have to be able to send email over IPv4.

But is it worth also supporting sending mail over IPv6? Perhaps.

Some major mailbox providers - gmail, qq - accept mail over IPv6, and that’s apparently a significant chunk of their traffic. Others - yahoo, aol, microsoft, protonmail, fastmail - don’t receive (or send) mail over IPv6.

So … we’re mostly talking about sending mail over IPv6 to Gmail, in the B2C space. At one point there were delivery advantages to using IPv6 to send mail to Gmail, but those have long since faded.

And there were complaints from hobbyists about sending mail to Gmail over IPv6 being “hard”, mostly because authentication requirements for IPv6 traffic were stricter than for IPv4 traffic. Now that Gmail is enforcing authentication and network configuration requirements uniformly for both v4 and v6 that’s less likely to be an issue.

If your smarthosts are configured properly, and can use your IPv6 connection to send email to Gmail, and your reporting backend understands IPv6 addresses then allowing it to send to Gmail isn’t a bad idea. If you can offload most of your Gmail traffic to your IPv6 outbound space then you won’t be using as much of your IPv4 capacity as you would be otherwise, pushing off the time when you have to lurk in dark alleys, looking for dodgy vendors to lease you more IPv4 addresses.

Keep an eye on your metrics for v4 vs v6, though. And remember that adding a new IPv6 address is adding a new IP address, and you may need to introduce it slowly.

If your current infrastructure doesn’t support IPv6 then :shrug: you can just not worry about it. (But do think about v6 support when deploying new infrastructure, as at some point the tradeoffs may change).

Misconfigured IPv6

It’s usual for a Linux server to be running an IPv6 network stack, even if the network it’s connected to doesn’t support IPv6. That’s fine, and it lets local services use the IPv6 local address (::1). Some network daemons will fail, or need to be configured specially if that IPv6 local address isn’t there. But it will sometimes (often) also manage to configure an external IPv6 address, even though the network surrounding it isn’t configured to support that.

If then a mailserver running on that system tries to send mail to gmail it will discover AAAA records for google’s mailservers, and may try to send mail to them. Unlike consumer software it’s not going to use a happy eyeballs-ish method to work around a broken IPv6 network. It’s just going to send that mail out over IPv6 and rapidly fail with a “Network is unreachable” error.

That’s a misconfigured server problem rather than an IPv6 problem, but it’s a fairly common one.

(If you’re finding this while googling for the error, and you’re running Postfix, the configuration setting you’re looking for is probably inet_protocols = ipv4)

Images and clicks

Recipients connecting to your webservers to retrieve images or click on content is a bit more interesting. Partly because IPv6-enabling your web infrastructure is often much easier to do, possibly no more than adding a AAAA record to your DNS to point at your existing server.

I already mentioned that IPv6-to-IPv4 connections often go through performance / stability bottlenecks that an IPv6-to-IPv6 connection avoids.

Bunny.net noticed that when they enabled IPv6 on their CDN product:

Interestingly, the main benefit we noticed was an instant decline in the count of DNS queries. Since web browsers default to IPv6 and only then request an IPv4 address, we effectively saved 20-80ms for your users by removing the extra lookup

Cloudflare did some maths to estimate IPv6 adoption for clients. In 2023 they estimated that the proportion of humans who could connect over IPv6 was somewhere between 30% and 46%. That’s a lot.

Google are seeing nearly 50% IPv6 client support globally, with nearly 90% support in some regions

If you can potentially improve the recipient experience - faster, more reliable image loads, faster page loads on clickthrough - for a third to a half of your recipients, why wouldn’t you investigate adding IPv6 support for serving content?

Is anyone sending mail over IPv6?

Gmail folks have talked about seeing significant mail traffic over IPv6 in the past, but I don’t have current numbers.

About 1 in 7 mails sent to aboutmy.email is sent over IPv6.

Let's Talk Reengagement

Related Posts

Dedicated IPs, pros and cons

There’s a whole belief system built around the idea that the best way to get good deliverability is to have your own dedicated IPs. In fact, senders regularly approach me to ask when is the right time for them to get a dedicated IP. They assume all their deliverability problems will disappear if they get a dedicated IP.

Read More

When did the reject happen?

conversation_for_blogEarlier today I approved a comment from Mike on a post about problems at AOL from 2012. The part of the comment that caught my attention:

Read More

Why so many IP addresses?

Hi Laura,
Merry Xmas and wishing you a Happy New Year!
I recently looked at a popular ESP’s IPv4 space and I was astounded. How does an ESP get an IP allocation of 20,480 IPs? ARIN guidelines do not allow “MX/Mailing” IPs to count towards a valid justification especially in the case when each and every IP is being used for this purpose. That’s 80 /24’s…and at a time when we are out of IPv4 space….Would love to see a blog post with your insight about this issue….

Read More