[RfC] IPv6-only network

[leoluk]

"Radical" thought: Running Solana as an IPv6-only network would have a number of advantages over the current IPv4-only network, without complicating the gossip or turbine network topology.

Decreased cost of running multi-homed infrastructure

RIRs have run out of IPv4 allocations. Buying a /24 network, which is the smallest publicly-routable prefix length, is about 7-8k$ today[1], which is prohibitively expensive for small/medium-sized operators. Renting a network is cheaper (70-100$/month), but still serves as a disincentive, especially with prices that continue to increase. It discourages operators who may consider running their own multi-homed infrastructure from doing so.

This also affects validators who rent from a third party provider, since the high costs are eventually passed down to customers.

IPv6 PI allocations are basically free.

CGNAT

Providers are increasingly deploying large-scale CGNAT and load balancer topologies because they too don't want to buy new IPs. Today, this already the case for many eyeball networks. This is fundamentally incompatible with the Solana architecture:

• No true end-to-end connectivity. Would require a rendezvous server for hole punching, which adds a lot of complexity and censorship/eclipse attack risks.
• CGNAT middleboxes are often stateful choke points that increase jitter and bufferbloat and like to break. IPv6 routing is almost always completely stateless and requires no middleboxes or NAT whatsoever end-to-end.

This precludes deployments on some high-bandwidth eyeball networks that would otherwise work.

Edge ACLs

IPv6 addresses have enough entropy (the lower 64 bits, in fact) to encode previously negotiated secrets. This makes it easy to implement a token/VIP mechanism to offload DDoS filtering to a provider network edge using BGP Flowspec or similar standardized signalling protocol vs. having to deploy custom edge filtering solutions (see #8334 for the VIP discussion).

Not building on legacy tech

IPv4 is a legacy technology that is being phased out over the next decade, and the sooner we migrate to IPv6, the easier it'll be. A short phase of dual stack for migration is much cheaper than long-term maintenance of a dual network stack.

[aeyakovenko]

This would be awesome

[brianlong]

Great idea. Let's do it!

[joeldejesus1]

Hello. Is there anything as an RPC user can do to advocate for this?

It is easy to get fast hardware and fast ISP connections (even up to 10G), but it is a pain to deal with IPV4 when running validators for multiple clusters in an internal network.

Bitcoind has worked with IPV4, IPV6, and even TOR for many years now, so I assume (unsafely?) this is a relatively trivial request.

[xanather]

I'm honestly surprised solana-labs decided to choose IPv4 to use as the network when this technology started way after IPv4 exhaustion. IPv6 seems completely disabled.