The question above for the most part, been reading up on it. Also want to it for learning purposes.

  • Katrina@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    10
    arrow-down
    12
    ·
    1 year ago

    And the biggest disadvantage of IPv6 is that each of your internal devices has its own address and can be directly accessible from outside. So you need to completely rethink how you do security.

    • thanevim@kbin.social
      link
      fedilink
      arrow-up
      6
      ·
      1 year ago

      Isn’t that what tburkhol addressed in their first paragraph? Or are you suggesting further steps than just putting those devices behind NAT? I am not at all trying to be snarky, I actually want to know more about this.

      • r00ty@kbin.life
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        You don’t need to use nat on ipv6. Most routers are based on Linux and there you have conntrack.

        With that you can configure by default outgoing only connections just like nat and poke holes in the firewall for the ports you want specifically.

        Also windows and I think Linux use ipv6 privacy extensions by default. That means that while you can assign a fixed address and run services, it will assign random ip addresses within your (usually) /64 allocation for outgoing connections. So people can’t identify you and try to connect back to your ip with a port scanner etc.

        All the benefits of nat with none of the drawbacks.

    • lemming007@lemm.ee
      link
      fedilink
      English
      arrow-up
      6
      arrow-down
      2
      ·
      1 year ago

      And can be identified/tracked individually by outside entities. In IPv4, a website sees both my device and my kid’s device as the same IP. In IPv6 they’re different so this just provides more ways for them to track you.