Google definitely uses IPv6 internally (i.e. office WiFi is now using IPv6 only, with the router doing translations to IPv4 if the site doesn’t support IPv6), and afaik most of the servers in the datacenter/clusters are IPv6 only now as they ran out of IPv4 LAN IPs for their clusters.
I just think that there’s little demand on cloud (and tons of other high-priority work).
There would be a lot of demand if IPv6 wasn't an "also ran", a "tack on", some checkbox to tick.
Think about how much network complexity would simply vanish if everything used only public routable IPv6 ranges.
No more split DNS. No more NAT gateways. No need for a separate "public IP" and "private IP". No need to carefully "carve up" the 10.x.x.x range to carefully avoid overlaps... even with future business partners. No need to worry about the "size" of subnets or accidentally running out of addresses in the cramped /24 subnets most people allocate.
It goes on and on.
And on.
But none of that is possible in the public cloud, because it is IPv4 first, and 99% IPv4 by default, and if there's IPv6 support, it's broken, or incomplete, or half-arsed.
Looking at the number of unprotected databases (see e.g. https://news.ycombinator.com/item?id=23957510), I think it's good that cloud providers push for gateways etc. in order to restrict access on the network level.
(They still could do IPv6 proper - no argument there)
You don't even need an outbound connection. If your router receives a packet with a dest IP set to one of your LAN machines, it'll be routed to that LAN machine. NAT does nothing to stop that, and thus does nothing for (this aspect of) security.
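Added example, not part of the thread: a toy model of the forwarding decision the comment above describes, showing that the stateful filter, not the NAT step, is what refuses unsolicited inbound packets, and that the same filter gives the same result on a publicly routable IPv6 LAN. The `Router` class, its parameters and all addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress

class Router:
    """Hypothetical toy router: NAT rewriting and packet filtering are separate steps."""

    def __init__(self, lan, wan_ip, nat, stateful_filter):
        self.lan = ipaddress.ip_network(lan)
        self.wan_ip = ipaddress.ip_address(wan_ip)
        self.nat = {} if nat else None   # WAN port -> LAN host, filled by outbound flows
        self.stateful_filter = stateful_filter
        self.flows = set()               # (LAN host, remote host) pairs seen leaving the LAN

    def outbound(self, src, sport, dst):
        """A LAN host opens a connection; record the flow and, with NAT, the mapping."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if self.nat is not None:
            self.nat[sport] = src
        self.flows.add((src, dst))

    def inbound(self, src, dst, dport):
        """Packet arrives on the WAN side; return the LAN host it reaches, or None."""
        src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if self.nat is not None and dst == self.wan_ip:
            dst = self.nat.get(dport)    # reverse translation for a known mapping
            if dst is None:
                return None              # no mapping: nothing to translate to
        if dst not in self.lan:
            return None                  # not addressed to this LAN
        # Routing alone would deliver the packet; only the filter refuses it.
        if self.stateful_filter and (dst, src) not in self.flows:
            return None
        return str(dst)

# Constructed addresses from the documentation ranges (RFC 5737, RFC 3849).
REMOTE4, HOST4 = "198.51.100.7", "192.168.1.10"
REMOTE6, HOST6 = "2001:db8:ffff::7", "2001:db8:1::10"

def nat_only():
    return Router("192.168.1.0/24", "203.0.113.5", nat=True, stateful_filter=False)

def nat_with_filter():
    return Router("192.168.1.0/24", "203.0.113.5", nat=True, stateful_filter=True)

def ipv6_with_filter():
    return Router("2001:db8:1::/64", "2001:db8:0::1", nat=False, stateful_filter=True)

if __name__ == "__main__":
    print(nat_only().inbound(REMOTE4, HOST4, 22))          # 192.168.1.10
    print(nat_with_filter().inbound(REMOTE4, HOST4, 22))   # None
    print(ipv6_with_filter().inbound(REMOTE6, HOST6, 22))  # None
```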