IPv6 Internet Is Broken

The Internet is made up of a bunch of smaller networks. All these small networks connect to one another is some manner. Some of them buy IP transit from other networks, some of then peer with one another for free. Whatever the case may be, everyone on the Internet should be able to reach everyone else connected to the Internet. This is true when it comes to IPv4. This is currently not true when it comes to IPv6.

IPv6 is a newer Internet protocol which is slowly being adopted to make up for some of the IPv4 shortcomings. Mainly the fact that IPv4 address space has largely run out.

At this moment everyone still uses IPv4 and a lot of people also use IPv6 simultaneously. Many networks use both IPv4 and IPv6 at the same time. This is called a dual stack. This is great because it allows a nice gradual transition from IPv4 to IPv6 without breaking anything.

The problem is that the IPv6 Internet is currently broken. Two of the largest IPv6 Internet providers do not peer with one another.

Cogent (AS174) and Hurricane Electric (AS6939) do not peer with one another over IPv6. Both of these networks provide a large chunk of the IPv6 Internet and neither of them pays a third network for IPv6 transit. This means a customer of Cogent can not reach Hurricane Electric over IPv6, and vice versa. This has been true for a number of years.

If two networks do not directly peer with one another one or both of the networks will buy IP transit from a third network. This third network connects to both of the first networks, allowing them to communicate indirectly through the third network. This is true of all IPv4 Internet. This is also true for Cogent and Hurricane Electric for IPv4.

However, neither network buys IPv6 transit, so there is no third party network connecting them over IPv6.

To see what is going on take a look at Cogent's looking glass and see how an IPv4 ping to he.net compares to a IPv6 ping to he.net. It doesn't matter which Cogent router is chosen, as all of them will have the same result.

First IPv4 from Cogent to Hurricane Electric:

PING he.net (216.218.186.2) 56(84) bytes of data. 64 bytes from he.net (216.218.186.2): icmp_seq=1 ttl=57 time=2.34 ms 64 bytes from he.net (216.218.186.2): icmp_seq=2 ttl=57 time=2.41 ms 64 bytes from he.net (216.218.186.2): icmp_seq=3 ttl=57 time=2.40 ms 64 bytes from he.net (216.218.186.2): icmp_seq=4 ttl=57 time=2.42 ms 64 bytes from he.net (216.218.186.2): icmp_seq=5 ttl=57 time=2.40 ms --- he.net ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4007ms rtt min/avg/max/mdev = 2.349/2.400/2.425/0.051 ms

No problems at all over IPv4. Now IPv6:

PING he.net(he.net) 56 data bytes From 2001:550:1:321::1 icmp_seq=1 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=2 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=3 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=4 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=5 Destination unreachable: No route --- he.net ping statistics --- 5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4008ms

"No route" means that this Cogent router has no idea where to even send the ping packets. It's not that there is a problem in the path to he.net, it's that the router doesn't have a path to he.net over Ipv6.

You can run the same test from Hurricane Electric's looking glass testing to cogentco.com. You will see that IPv4 works but IPv6 does not.

Recently Cogent also stopped IPv6 peering with Google (AS15169). Most large Internet companies such as Google have their own networks. The lack of peering between Google and Cogent means that users who have Cogent as their only ISP cannot reach Google over IPv6.

Again, from Cogent's looking glass to google.com over IPv4 works fine:

PING google.com (216.58.192.46) 56(84) bytes of data. 64 bytes from nuq04s30-in-f14.1e100.net (216.58.192.46): icmp_seq=1 ttl=46 time=52.3 ms 64 bytes from nuq04s30-in-f14.1e100.net (216.58.192.46): icmp_seq=2 ttl=46 time=52.3 ms 64 bytes from nuq04s30-in-f14.1e100.net (216.58.192.46): icmp_seq=3 ttl=46 time=52.3 ms 64 bytes from nuq04s30-in-f14.1e100.net (216.58.192.46): icmp_seq=4 ttl=46 time=52.3 ms 64 bytes from nuq04s30-in-f14.1e100.net (216.58.192.46): icmp_seq=5 ttl=46 time=52.3 ms --- google.com ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4057ms rtt min/avg/max/mdev = 52.332/52.358/52.383/0.251 ms

But IPv6 is broken:

PING google.com(nuq04s30-in-x0e.1e100.net) 56 data bytes From 2001:550:1:321::1 icmp_seq=1 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=2 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=3 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=4 Destination unreachable: No route From 2001:550:1:321::1 icmp_seq=5 Destination unreachable: No route --- google.com ping statistics --- 5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4009ms

IPv4 still works to connect all three of the above, so most end-users should not notice the problem with the IPv6 Internet.

These networks have a disagreement over peering policy. In this case Cogent expects Google and Hurricane Electric to pay Cogent money for their IPv6 routes. Google and Hurricane Electric have stated they are happy to peer for free with Cogent, but refuse to pay Cogent money.

This hurts the customers of all three networks. All the parties involved know that it is hurting their customers but they are playing a game of chicken with one another to see who blinks first.

If Cogent blinks first they will accept settlement-free peering with the other two companies. If Google or Hurricane Electric blink first then they will pay Cogent to peer with them. Until one of these happens, then the IPv6 Internet will remain broken.

Because IPv4 is still the main Internet protocol, this is IPv6 peering conflict is likely not hurting anyone enough for the game of chicken to end anytime soon.

As bad as all this seems, there is a silver lining. IPv6 peering disputes mean that networks are beginning to take IPv6 more seriously and are starting to see the value in IPv6 traffic. cogent believes the IPv6 traffic it provides is valuable enough that other companies must pay for it. Google and Hurricane Electric both believe that their IPv6 traffic is valuable enough that Cogent should establish settlement-free peering with them. So while the IPv6 Internet is broken, this might just be a necessary step in creating a more robust IPv6 Internet.