Re: [External] Re: IPv6 uptake

[William Herrin <bill () herrin us>]

On Mon, Feb 19, 2024 at 9:23 AM Hunter Fuller <hf0002+nanog () uah edu> wrote:
> On Mon, Feb 19, 2024 at 11:16 AM William Herrin <bill () herrin us> wrote:
> > > There isn't really an advantage to using v4 NAT.
> > I disagree with that one. Limiting discussion to the original security
> > context (rather than the wider world of how useful IPv6 is without
> > IPv4), IPv6 is typically delivered to "most people" without border
> > security, while IPv4 is delivered with a stateful NAT firewall.
>
> Maybe this is the disconnect. Who delivers v6 without a firewall?
>
> I've done a lot of T-Mobile and Comcast business connections lately,
> and those certainly both provide a firewall on v4 and v6. I'll admit
> I'm not currently well-versed in other providers (except ones that
> don't provide v6 at all...).

Hi Hunter,

You may be right. I haven't ordered SOHO service in a long time and in
fairness you were talking about Joe's Taco Shop not Joe's home
network.

I -suspect- that the wifi router provided for Joe's home network
doesn't do much more than plain routing on the IPv6 side but I do not
know that for a truth. I ordered my wave and comcast services without
a router and I didn't keep the centurylink router long enough to test
whether it did any filtering on IPv6. I noticed no knobs for IPv6
filtering or port forwarding, so I suspect it did not.

Regards,
Bill Herrin


--
William Herrin
bill () herrin us
https://bill.herrin.us/