Why is IPv6 so complicated?

Original Article ↗ Hacker News Discussion ↗

Age of the debate and what’s changed

  • The linked “IPv6 mess” critique is ~20+ years old; commenters note how little has changed in fundamentals.
  • Main visible change: major sites and large mobile networks now support IPv6; IPv4 itself has barely evolved.

Transition and coexistence

  • Dual-stack (IPv4+IPv6 on hosts) was the primary coexistence method for years; later NAT64 and related mechanisms appeared to reduce IPv4 pressure in large “eyeball” networks.
  • Some argue IPv6 never had a real, workable transition plan beyond “everyone eventually upgrades.”
  • Others counter that multiple transition mechanisms exist but are politically and operationally hard to deploy.

Configuration: SLAAC, DHCPv6, RAs

  • Many criticize the SLAAC/DHCPv6/RA combination as overcomplicated and inconsistent across ISPs.
  • Others praise SLAAC for “it just works” behavior, no central DHCP state, and easy renumbering.
  • The fixed /64 subnet size and multiple addresses per host (including privacy addresses) confuse many operators.

Human usability and NAT/security

  • IPv6’s hex notation and length are seen by some as ergonomically bad (hard to read, copy, or shout across a room).
  • NAT is widely viewed as giving a simple, intuitive security model, especially in enterprises; many “love their NAT.”
  • Others stress NAT is not true security, only a side-effect of stateful translation; firewalls provide real protection.
  • IPv6 NAT (NAT66/NPTv6) is possible but discouraged and rarely exposed in consumer gear.

Deployment economics and geography

  • Adoption is driven where IPv4 scarcity really hurts (e.g., India, large mobile carriers), sometimes pushed by regulation and greenfield 4G/5G builds.
  • In regions with abundant IPv4 or cheap CGNAT, there is less economic pressure to migrate.

Protocol vs implementation complexity

  • Several argue IPv6 is conceptually simpler than IPv4 at the packet level (headers, multicast, no NAT).
  • Others say the real complexity comes from dual-stack operation, immature tooling, poor documentation, and edge cases like source address selection and multiple scopes.

Design decisions and regrets

  • Early mandatory IPsec and experimental ideas like A6 records and IPv4-compatible addresses are cited as dead weight that slowed adoption.
  • Some claim IPv6 was “too early”: designed before DHCP was mature, before real-world security/privacy concerns were fully appreciated, and without enough input from hardware vendors and small-network operators.

Operational pain points

  • Reported issues include: RA leakage across VLANs, dual-WAN IPv6 failover being awkward, link-local-only gateways confusing users, multiple addresses per interface, and firewalling when addresses change frequently.