What's new

IPv6 question

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
Yes - you have objections to IPv6, but I haven't seen a good argument against it, other than "do not like"

There's a few good arguments:

1. For most people it is not needed and adds no benefit (actually often causes problems).
2. Most people do not understand the major differences and security implications the change causes. Not saying there is no security, just that people turning it on without understanding it, especially when some of the modes allow you to bypass firewall completely, is dangerous.
3. Now that the firewall is your only line of protection, you are relying on this consumer grade device to implement it perfectly without bugs or security holes. Not something I'm willing to trust on its own.
 
Yes - you have objections to IPv6, but I haven't seen a good argument against it, other than "do not like"

From this thread alone and for the specific device in question:
- IPv6 leaks with popular VPN services (NordVPN, ExpressVPN, etc.)
- firmware issues in log, even cosmetic (the user has no way to know)
- not all firmware components support IPv6
- the user has IPv4 address available

Other:
- not user friendly
- there is no performance benefits
- only about 30% of top 1000 websites support IPv6
- one more attack surface to internal network
- NAT does provide extra layer of security
- promised security available, but made not mandatory (IPSec)
- complex traffic control, DNS enforcement, content filtering
- different ISPs have different IPv6 implementation
- extra cost involved in business environments
- IPv4 works very well
 
From this thread alone and for the specific device in question:
- IPv6 leaks with popular VPN services (NordVPN, ExpressVPN, etc.)
- firmware issues in log, even cosmetic (the user has no way to know)
- not all firmware components support IPv6
- the user has IPv4 address available

Other:
- not user friendly
- there is no performance benefits
- only about 30% of top 1000 websites support IPv6
- one more attack surface to internal network
- NAT does provide extra layer of security
- promised security available, but made not mandatory (IPSec)
- complex traffic control, DNS enforcement, content filtering
- different ISPs have different IPv6 implementation

not my problem...

seriously - if your router vendor has issues with this, find another vendor
 
There's a few good arguments:

1. For most people it is not needed and adds no benefit (actually often causes problems).
2. Most people do not understand the major differences and security implications the change causes. Not saying there is no security, just that people turning it on without understanding it, especially when some of the modes allow you to bypass firewall completely, is dangerous.
3. Now that the firewall is your only line of protection, you are relying on this consumer grade device to implement it perfectly without bugs or security holes. Not something I'm willing to trust on its own.

I'll say the same here - if IPv6 is an issue with a device, time to find another device...
 
Let's stop here. Nothing much has changed since last year's thread. The same IPv6 use cases (when needed) and issues (when not needed).
 
I'll say the same here - if IPv6 is an issue with a device, time to find another device...

When IPv6 becomes a requirement for me, I will, at least assuming they haven't made the IPv6 implementation in these home routers safer and more robust by then. Right now, v4 is all I need.
 
When IPv6 becomes a requirement for me, I will, at least assuming they haven't made the IPv6 implementation in these home routers safer and more robust by then. Right now, v4 is all I need.
I feel like it may be more of necessity once everything roles over to CGNat. I am atleast glad isp are trying to get their ipv6 infrastructures established now. I will be thankful it is there the day we are forced to need it. I still think at this point the router industry would be lagging behind with some companies. They obviously are not concerned with these types of issue beyond that of a lip service- a.k.a. an ipv6 page that defaults to off.
 
Last edited:
I have IPv6 implemented and have for quite some time. Why? Well, at first, because I could. How do you learn (positives and negatives) without using/doing something on your own equipment with your own software?
Once you get your head around ULA, Link-Local, and Multicast it all becomes much easier.
I haven't had any issue with this or that device being exposed to the internet accidentally. I have tested in the past from outside and I occasionally test after a major update to networking equipment or configuration.

I host my own servers and that brings some extra work as I don't do IPv6 DDNS. So far, it isn't a real problem as my IPv6 addresses do not change often so I add them manually. I wish DDNS for IPv6 were easier/more reliable, but that is the way it is if you have more than a single device.

Not interested in CGNAT, I see no easy way to host things if that were to come to my town.
I don't do VPNs, except a client for a work laptop.
I don't do any traffic shaping, I have 600 down 20 up and nothing is hindered, so why introduce additional overhead?

I used OpenWRT for a spell and left it mainly due to the poor attitude regarding IPv6. Mostly, things that just work on Merlin do not work on OpenWRT. When prodded, the consensus seems to be 'Why do you want IPv6, IPv4 NAT is great'. I have a different opinion as you can see, so a great IPv4 router just isn't all that. OPNSense and pfSense are both nice, but I'm much more comfortable with Merlin.

In all, enable and learn to use IPv6.
 
and don't forget

Hey, sound dude! Don't forget your toy router and YouTube network is much different than my networks. You can play with IPv6, QUIC, DoH and scripts written by lonely coders all day long. I can't and in some parts not allowed to. Otherwise I may have to join your networking club and I don't want to.
 
I feel like it may be more of necessity once everything roles over to CGNat. I am atleast glad isp are trying to get their ipv6 infrastructures established now. I will be thankful it is there the day we are forced to need it. I still think at this point the router industry would be lagging behind with some companies. They obviously are not concerned with these types of issue beyond that of a lip service- a.k.a. an ipv6 page that defaults to off.

The only people using CGNAT are companies that can't get public IP allocations like startup ISPs or wireless carriers who didn't have much to start with that are now trying to offer home internet. Sure existing ISPs will run out some day, but they've already found ways to free up IP space (moving management to IPv6 etc). Yes, IPv6 will be the norm some day, but other than turning it on years ago to toy with it when I had multiple layers of security, until it is a requirement and some of the kinks are ironed out, I'm in no rush.
 
Once you get your head around ULA, Link-Local, and Multicast it all becomes much easier.

That's the thing though, if you're using ULA then you're not using IPv6 as intended and trying to hold on to the typical v4 design. So might as well just stick with v4 for now (other than playing with it and learning about it, which sounds like you've done already).
 
That's the thing though, if you're using ULA then you're not using IPv6 as intended and trying to hold on to the typical v4 design. So might as well just stick with v4 for now (other than playing with it and learning about it, which sounds like you've done already).

Tsk, tsk. Don't reword my reply. Nobody said I do or don't use any type, just that I do rely on IPv6.
 
The only people using CGNAT are companies that can't get public IP allocations like startup ISPs or wireless carriers who didn't have much to start with that are now trying to offer home internet. Sure existing ISPs will run out some day, but they've already found ways to free up IP space (moving management to IPv6 etc). Yes, IPv6 will be the norm some day, but other than turning it on years ago to toy with it when I had multiple layers of security, until it is a requirement and some of the kinks are ironed out, I'm in no rush.
Don't forget about those ISP's who only have CGNAT to turn it off for an additional monthly bill charge.
 
Tsk, tsk. Don't reword my reply. Nobody said I do or don't use any type, just that I do rely on IPv6.

Didn't literally mean you in the first part but that wasn't clear especially because I did in the second part. "If someone" is more accurate.

But do you use ULA? :)
 
Don't forget about those ISP's who only have CGNAT to turn it off for an additional monthly bill charge.

I think those are still ones without enough IPs for everyone but enough to sell some if you're willing to pay. Sort of an accidental revenue stream they stumbled upon. Who knows though, just conjecture.
 
Status
Not open for further replies.

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top