IPV6 - How does it affect end-users and how do we council?
I know that we are actively investigating IPV6, the fact that it's displayed as IP 0.0.0.2 and how we need to handle that in the product. (For reference, here's the GitHub Issue.) That being said, I'd like some guidance here from your tech gurus because I really don't know how to reassure my customers, or answer their questions about IPV6.
IPv6 is a major concern for many users as they rely on IP information to handle Registration requests, user bans, and the like.
For example, Digital Spy uses the Approval method for registration, and check IP information to make sure banned users are not coming back under a different email address.
Atkins uses it to identify a Troll that they haven't been able to shake for half a decade.
Part of the concern is - how do we ban users, or identify returning offenders if they're using IPv6?
The other concern is - can we rely on Stop Forum Spam if we're not storing the IPv6 info on our side?
For example, I know many of our customers, despite our advice, implement several IP bans. I'm thinking of Polk Audio and College Confidential, off the top of my head. I'm not sure what to tell them here as I don't fully understand what IPV6 is, or what it even means.
From what I understand, users are assigned IPV6 addresses in blocks, so it doesn't make much sense to block a V6 address. The address also doesn't have the same structure as a V4 address so banning can't be done in the same way.
It would be unbelievably helpful for us CSMs to get some guidance on this topic if at all possible.
Comments
-
@shaunamcclemens @BrendanParm Do you hav similar questions?
0 -
I do have similar questions. Right now I only have a handful of clients that are asking about this, but I can only assume that the numbers will grow.
For me, the biggest question I have is what we are going to do and what that timeline is.
The most pressing issue is displaying it as something other than 0.0.0.2 that makes the clients think it's 'broken', but I know that many of our big clients (like EA) use IPs a lot for banning etc, and will want to understand how IPv6 impacts their use of moderation tools/spam tools. A little blurb that speaks to that would be extremely helpful to me.
0 -
I'll chime in and say Support has gotten a couple questions regarding IPv6 (well, at least one that I've dealt with. Laura may have seen others). Concern is the same as everyone else's - they use IP addresses to moderate new users and are worried they won't be able to do that anymore. For instance, T@b-RV uses it to verify that it's users are American as the European models of their RVs are built to different specs and the forum is specifically built toward the American audience (and they'd like to avoid confusion by bringing in other models from other countries).
0 -
Finishing IPv6 support has been added to the new support sprint.
0 -
I'm still looking for some guidance here.
I have customers asking me questions about how to ban IPs with V6. I know they that banning IPs won't necessarily work the same way with IPV6 addresses. I know they are assigned in blocks and they won't have a predictable structure where you can user wildcards and ban blocks of IPs.
I've also read that it's not a good practice to ban a ton of IPV6 addresses (we don't recommend IP banning either way but as you know everyone still does it.)
Here's an example of a question I'm getting and I'm struggling to answer:
Hey, Val,
Following your latest update, the issue seems to be fixed with the latest release. However, we have a few technical issue on how to handle the fix:
1) if you click on IPv6, you get to a page in the Dashboard that displays the IP. Attached is an example. However, this does not track all users that have the same IP, correct? We need to get a list of all users who connected on the IP to get the duplicate accounts.
2) one we determined the IP, can we block it in the Dashboard under Ban Rules (like we do for a regular IP)?
Thanks,
0 -
The link the customer refers to is indeed a search of all users on that IP address.
They can indeed be banned like normal IPs (minus the wildcards, as you noted).
It would probably be most useful to break down the underlying customer assumptions about how IPs work.
Under IPv4, you could assume a few things:
- Multiple devices behind 1 router (i.e. in the same building) would probably have the same external-facing IP address. Thus if someone signed up for accounts on both their iPad and their MacBook, both of those accounts would have the same IP address.
- IP addresses are roughly geographic; e.g. you could ban Singapore with a well-placed wildcard.
- In the US, geographic IP banning was extremely precise due to us owning 50% of the IPv4 addresses in the world.
None of this is true anymore under IPv6:
- Every device gets one.
- IPs are randomly distributed.
- The US isn't favored.
All along, we've been saying IP banning is an ineffective moderation tool.
- Accidentally bans unintended folks.
- IP addresses rotate frequently.
- Easily evaded by folks with a small amount of technical know-how.
IPv6 doubles down on all those reasons and upends all the assumptions folks have about IPs.
0 -
Rob at Acer was telling me that people could have an IPv4 AND an IPv6 address, but based on what I read online, I was under the impression it was OR, not AND.
Can you confirm which is correct?
0 -
A device can be assigned both, yes. That allows for backwards compatibility with the rest of the Internet.
0 -
Interesting. So if they have both, can we see both?
0 -
No, we're only registering one.
And now that you mention this, I think it's possible that our datacenter migration caused us to switch from IPv4-first to IPv6-first. At least, that would explain why so many folks suddenly got IPv6 addresses after the switch.
In other words, we always (or usually) registered the IPv4 address before, whereas now, if they have an IPv6 address, we use that instead. That's purely a hunch as I have no ops visibility into this.
0
