18
irene
75d

To server/network guys:

Does my router suck if it does not support IPv6?

Comments
  • 6
    Not if your ISP gives you an IPv4 :D But in general yes for compatibility reasons
  • 3
    @hypervtechnics I dunno if my ISP could give me IPv6 because my router cannot does not know about such thing
  • 8
    @irene ISPs now only give IPv6 because IPv4 there are no more left or reserved for business clients. If you had a IPv4 before IPv6 then you have the right to continue using it. My ISP tried to secretly switch IPv4 to IPv6 without even telling me. Non of my ddns addresses or homeserver was able to work anymore because every config was based on IPv4... those bastards. I called them and told them I wanted my IPv4 back. Surprisingly they did do so. And: Also all IPv4 related config in the router was gone... Of course this might depend on your contract and/or country.
  • 11
    Yeah generally networking hardware will support both v4 and v6. Since IP is layer 3 in the OSI (or TCP/IP model) this is not really dependent on your hardware but on the software/firmware in your router. Most of the Internet is running both v4 and v6 simultaneously. Not supporting v6 is basically just lazy coding and tells me your router is coming from a manufacturer willing to make trade offs they really shouldn’t! I’d recommend an upgrade.
  • 4
    on the flip side, a few years back i specifically asked the the ISP provided a 6 and the dude was clueless.

    6 is a potential security hole until everyone is using it and configuring it properly anyway.

    also, 4 vs 6 is software, so if you can update your firmware to something like openwrt/ddwrt/tomato then you can get 6 support
  • 2
    @zlice Why would IPv6 be a security issue?
  • 3
    @ScriptCoded

    like i said, no one configures for it. so you have a suited up ipv4 firewall and then ipv6 is just open ¯\_(ツ)_/¯

    also no one uses it and i know some stacks have been exploited and some things patched. but 6 will probably have some flaws until a while after 4 is no longer the norm
  • 3
    @Diactoros the firmware is pretty old and probably won't receive any updates.
  • 4
    @irene It’s probably time then. Spending $100 US for a quality home router is worth your time if you’re someone who can appreciate the Internet. If you’re feeling adventurous you could investigate OpenWRT/DDWRT or Tomato, but installing custom firmware and keeping it updated is for dedicated networking and system administration nerds only. Full time gig.
  • 7
    @irene
    I would worry more not getting firmware updates than not having IPv6.
  • 6
  • 3
    @sigfried This is a gem.
  • 2
    A router does not suck BECAUSE it doesn't support ipv6. The odds of you needing to actually use ipv6 are reasonably low. Having said that, if I see a router that does not have a feature that has been pretty standard for the better part of a decade then I'm going to assume that any number of other things are also missing or half-assed as well.
  • 2
    @sbiewald isn't that normal for all router vendors to not give a fuck about older models?
  • 1
    @irene The most, but not all.
    My vendor (AVM) gives 7-10 years of maintenance.
  • 1
    @sbiewald nice. Never heard that name.
  • 2
    @irene the routers are better known as a FritzBox. They are a bit on the expensive side but totally worth it
  • 1
    @fuckwit local German vendor 😞
  • 1
    @irene While they are really popular in Germany, AVM exports in other countries, too.
    Fritzboxes for use outside of Germany have "international" in their name.
  • 1
    @sbiewald nope. Haven't seen those routers here.
  • 0
    @zlice all your points have been debunked already. Also a lot of services/people use IPv6. If I go and look right now I wouldn't be surprised if the amount of traffic through IPv6 is 40% or higher. And also IPv6 is the internet standard for years now. The thing is big fuckers are using excuses for not supporting it. Hence the reason I posted that site above.
    https://tools.ietf.org/html/... (security thing)
    https://ipv6bingo.com/
    https://ipv6excuses.com/
  • 1
    @zlice So we should just not use it and hope for it to get better? That sounds effective... Also, there's still a thing called ports
  • 0
    @sigfried

    i've seen shitty rules irl

    and i've seen ipv6 "attack kits" (not that i've looked in the last couple years and haven't been doing much in that scene in that time)
  • 0
    @ScriptCoded that's quite the extrapolation
  • 1
    @zlice Is it? It was one statement. To be fair, I wouldn't say it was an extrapolation at all
  • 0
    @sigfried Really, nothing a about privacy? As far as I understood, ipv6 addresses are based on the Mac address as well and can be traced right back to a specific device but I could be wrong.
  • 0
    @linuxxx it can be based on MAC addresses yes but it doesn't have to be.
  • 0
    @sigfried Know of a way to prevent that?
  • 1
    @linuxxx it is done automatically by your OS. Windows has it on by default and I think Linux has too. If you have an IPv6 connectivity there should be a Temporary Address. That is generated by the OS to keep your real address hidden. It changes over time. It can also be done by the DHCPv6 server if I'm not mistaken. I think with a DHCPv6 server it isn't based on your MAC anyway. I might be wrong tho. If you go to IPv6-test.com it should say SLAAC = No.

    Also maybe this is handy: https://blog.superuser.com/2011/02/...
  • 1
    It's kinda shitty, but I have to admit.. I've disabled it in my servers too 🙈
  • 1
    @linuxxx After enabling privacy extensions multiple random addresses will be additionally assigned (*). The random one changes regularly.
    Modern Linux distribution should already have enabled that. The relevant `sysctl` options are:
    - net.ipv6.conf.all.use_tempaddr (set to two)
    - net.ipv6.conf.all.temp_prefered_lft (how long a single address should be used)
    - net.ipv6.conf.all.temp_valid_lft (time in seconds for each temporary address)

    "all" can be replaced by the interface name or "default" for new interfaces.

    *: Of course is only relevant for the last 64bit (or so) as the first half is given by the ISP and may or may not change.
  • 1
    Yes
  • 0
  • 2
    IPv6 isn’t scary. No reason to disable it.
    Just make sure you firewall v4 *and* v6.
  • 0
    @xalys it does not know what ipv6 is at all.
Your Job Suck?
Get a Better Job
Add Comment