IPv6, why don't you enable it already?

Recently at work I just did regular work-things. I logged on to my PC, opened my E-Mail client(s), read some mail, SSHed into one of our servers, started VSCode.... all that stuff. However some things were weird. I was looking stuff up on the internet - googling stuff, but some websites wouldn't load. No spinny circle, long wait times or anything, just fail outright.

Odd, I thought. It wasn't really clear which sites worked and which didn't. It seemed kind of random. 
After not being able to open this one forum but another, I realized I should investigate further. First I opened up https://ip.my-webspace.at/ to figure out my IP address and check if it is what it should be. It showed as 2001:62.... OK, that's correct. Then I clicked on the IPv4 link and got the same error message I got earlier. Aha! that's what happened! I had been messing with some VLAN settings on my PC the previous day and must have accidentally killed my legacy IPv4 connectivity and was only connected via IPv6. One quick edit of /etc/network/interfaces and I had full restored it.

That got me thinking - there's quite a large bit of the Internet which is fully reachable via IPv6. Unfortunately significant bits are still missing. Moving forward we have no choice but embrace IPv6 as legacy v4 addresses are already scarce. 
Of course at my-webspace.at we already have full IPv6 connectivity since 2012. Many of the big providers do as well, but there are a number of hold-ups remaining I've encountered:

No provider support

Sometimes it's simply that the ISP doesn't care. As of mid-2023 one of Austrias largest ISPs, Magenta Telecom, only supports IPv6 in residential DSLite configurations. Meaning you either get carrier grade NAT (no public v4 address) with IPv6 - or - a public v4 address and no v6 at all. Their business offerings have no v6 support at all. Worse, if you have Domains hosted with them, you can't even add AAAA entries. And even worse than that, the firewall on their residential gateways is totally broken, you can either forward all ports to a host or none at all. No selective forwarding. You can set it up, yes, but it won't work. Sorry for the rant, but they are a good example of the "don't care" category.
If you want to change things, bug them! Contact customer support, write letters, tell them that you need this feature! Or switch if you can. In Austria I can recommend Telematica, they are very affordable and have good service. I'm not affiliated, I just really like them.

Provider support, but owner doesn't care

Some of our customers have their domains hosted externally. There are a few customers who refuse to add AAAA records to the DNS. Mostly because this would mean 2 minutes of extra work (or the domain is hosted at Magenta). Which is very sad because despite our infrastructure supporting it, it's not enabled. I've seen it with some people hosting their stuff with Hetzner (a Germany based budget server and cloud provider), AWS or Digitalocean which have excellent IPv6 support that customers simply don't enable IPv6 or provide AAAA entries.
More education is needed here. Sometimes even other network administrators just give me a puzzled look when I mention IPv6.
I think Hetzner is going an interesting way here. You get a discount on their cloud servers if you don't need IPv4 on specific instances. Maybe this will encourage people in using IPv6 more - saving a few bucks is always good.

No software support

Yes, there is still a lot of software with bad or missing IPv6 support. Minecraft for example - there is really no reason for it not supporting IPv6. Another thing is the recently designed communication network / crypto currency Helium. It boggles the mind that someone designs new protocols in this decade and not factor in IPv6! 
But one of the biggest problems is Docker.
Docker has IPv6 support but it's disabled by default. The reason is that it's not really working right. We use Docker extensively at my-webspace.at but we weren't able to enable IPv6 on our Docker cluster. The reason is that Docker makes heavy use of NAT in its security model, which is not really a thing with IPv6. You can enable it, yes, but it's not very well supported.
The good news is that most docker services don't need to be reachable from the public Internet anyway, instead it makes more sense to go though a reverse proxy such as Nginx. So if you dockerize Nginx, that's bad, no IPv6.
But if you run nginx on the host and the services inside Docker you can have your IPv4 only Docker setup but still have it reachable via IPv6 from the outside. This is how we do it at my-webspace.at
This means you can't use fancy HTTP routing software such as Traefik, but maybe future Docker versions will bring better IPv6 support.
Let's just hope people will actually make use of it once it does.