[wp-meta] [Making WordPress.org] #3090: WordPress.org API not accessible over IPv6

Making WordPress.org noreply at wordpress.org
Wed Jan 10 01:30:25 UTC 2024 

#3090: WordPress.org API not accessible over IPv6
-------------------------+-------------------------
 Reporter:  deaky        |       Owner:  (none)
     Type:  enhancement  |      Status:  closed
 Priority:  high         |   Milestone:
Component:  API          |  Resolution:  maybelater
 Keywords:               |
-------------------------+-------------------------
Changes (by dd32):

 * status:  reopened => closed
 * resolution:   => maybelater


Comment:

 > IPv6 IP address is no different from adding a IPv4 at this time what
 would be a blocker here ?

 While that is true to enable IPv6 connectivity, there's a lot of other
 network-level requirements in Switches, Routers, network upstreams, and
 within the WordPress.org software stack as well, in order to allow IPv6
 traffic to be stable and reliable.

 Notably, DDOS mitigation for IPv6 requires a higher level of memory usage
 and attack protection, / per-IP rate limits also become harder to handle
 with end-connections receiving anything from a `/64`
 (18,446,744,073,709,551,616 individual IPs) or `/48` for some business
 connections, all the way down to a single `/128` per connection. You can
 treat every `/64` as one "person" but in doing so you might be treating an
 entire country or ISP as one "person".  This is already becoming an issue
 with CGNAT / NAT64 too, with entire IPv6-only networks connecting to us as
 a singular IPv4 (or usually, a /24~/21 IPv4 range representing 20x the
 people), which can result in the same issue in reverse.

 I'm personally aware of some VPS providers which only provide IPv6
 connectivity and provide no outgoing IPv4 connectivity, and others that
 provide a NAT service for that.

 So it's not just a case of turning it on, it's a complicated chain of
 events that doesn't necessarily benefit the majority of end-users right
 now. I know it's still on the systems roadmap, but that's not a high
 priority nor will it likely roll out as you may expect (ie. it'll appear
 on `s.w.org` CDN first, and possibly api/downloads before other user-
 facing areas)

-- 
Ticket URL: <https://meta.trac.wordpress.org/ticket/3090#comment:16>
Making WordPress.org <https://meta.trac.wordpress.org/>
Making WordPress.org

More information about the wp-meta mailing list