Horrible IPv6 setup on VC1S/C2


#1

Hi,

I just tested the new IPv6 support on a VC1S server.

Sadly, the IPv6 support is very badly implemented. Each server or VPS gets a single address (!) inside a /127 subnet. The other address is used as the gateway. Moreover, it looks like a shared /64 prefix is used for multiple customers, or at least multiple servers of one customer. Also, link-local connectivity is broken.

RFC 6177 specifically recommends prefix lengths of /64 or shorter for end nodes in a way suitable for further subnetting (i.e. routed, not on-link). A single address or on-link prefix makes many applications impossible in practice, for instance implementing some kind of VPN. A shared /64 prefix is particularly harmful, too. Blocking nodes (due to abuse etc.) is usually done on /64 granularity.

Seriously, WHAT WERE YOU THINKING? This is not a viable IPv6 setup. It is a mess. It is a good example of how NOT to implement IPv6. Please don’t ignore every best practice regarding IPv6 in existence and then boast about having IPv6 support. It’s just ridiculous.

And as for C1? I remember IPv6 support being planned and promised, but I guess it will never happen now.

(Sorry, just needed to vent a bit.)


#2

I am with you man. I totally understand you. This is a complete mess. This is exactly how IPv6 should not work. And that /127 you get is not even yours, because you can not reserve it in Network panel, and it’s lost very fast if you wish to rebuild your server or transfer IPv6 to another (more powerful) server.

Considering they worked on IPv6 for the last year, I strongly think we will not see /64 (like RFC 6177) or /48 (like on Online.Net website) in the following months.

Expectations were high for C1 (ARM) because they advertised a thinking out of the box. Now they can’t even add IPv6 for a x64, while their competition already did that months ago.

We will see what will happen, but I can no longer trust this project, because promises were not kept. Right now they are not different from other online cloud providers with IPv6. A innovation would have been ARM cloud with IPv6, but now it’s just another x64 cloud with IPv6 like their competition.


#3

There’s yet another thing. The IP filtering features appear to be IPv4-only as well. At least it’s not possible to select a protocol or anything like that in the panel.

What happened? If the C2 hardware and software was developed with IPv6 in mind, then why is the implementation such an unfinished and crude mess?


#4

How much I love Scaleway I have to agree with the v6 being a mess. Online.net’s new offer which is the exact same server hardware as the C2 but with a direct connected harddisk (https://www.online.net/en/dedicated-server/dedibox-xc) has done this right. I guess those are not on GrOS routers. I really they hope they listen and find a solution. Most IPv6 capable control panels (looks at cPanel here) only work with a block of v6 as they want to assign one IPv6 per account on that server.


#5

@grg, @admin, @Maarten,

You missed that this is the first step of our IPv6 deployment. We’re announcing IPv6 connectivity and as stated, not a full flexible implementation.
To route a /64 on a node, you first need an IPv6 connectivity. :wink:

Stay tuned for further announcements.


#6

This would have been a great plus for Scaleway. Unfortunately some customers do not like it, others don’t care about IPv6.

Here is a funny video I just seen from IRC community.


#7

Even with all the april jokes, funniest video i saw today!


#8

This video is sadly very true…


#9

So, three months have passed. What are the next steps? I don’t see anything happening.

Still no IPv6 on C1 and apparently there’s still the same defunct IPv6 setup on the other VPS types.


#10

… and another three months (exactly! ;).

It would be good to have an update in this area — at the moment a freshly brought-up VC1S still has a /127 allocated to it, rather than the “correct” /64. This is particularly important (to put it another way, the current config is particularly broken) if one is to run an SMTP server, for example - see https://wordtothewise.com/2015/07/ipv6-email-is-a-little-different/ for further discussion of this regarding blacklisting etc.


#11

If this is only “first step of our IPv6 deployment”, why on https://www.scaleway.com/features/network/ you are advertising with “Next Generation Network”, “Native IPv6” and not “preview beta IPv6” (or, more true: “horribly broken IPv6 setup which ignores all recommendations”)?


#12

Being a network engineer, I find this implementation of IPv6 very poor and unfit for deployment of pretty much anything. I would love to see some updates that Scaleway is working to offer a serious IPv6 option. Until they do, Scaleway is out of the pool of viable cloud providers.


#13

Hey are there any updates on this? I’d be very interested in switching; but only if the IPv6 story is better/as-good as digital ocean.


#14

Unfortunately there seems to be no updates. There are many of us interested in switching, but this IPv6 setup stands in our way.

Meanwhile Google engine searches from IPv6 reach 20% soon.
https://www.google.com/intl/en/ipv6/statistics.html#tab=ipv6-adoption&tab=ipv6-adoption

Even if they don’t like it, Scaleway will soon be forced to have reserved IPv6.


#16

It’s now over two years since IPv6 was introduced and there’s been no change. We’re still allocated a /127 and it still sucks. This is simply not good enough and I’m now looking to move away from Scaleway due to this issue.