• r00ty@kbin.life
    link
    fedilink
    arrow-up
    15
    ·
    3 months ago

    Routers simply need to block incoming unestablished packets (all modern routers allow for this) to replicate NAT security without NAT translation. Then you just punch holes through on IP addresses and ports you want to run services on and be done with it.

    Now, some home routers aren’t doing this by default, but they absolutely should be. That’s just router software designers being bad, not IPv6’s fault, and would get ironed out pretty quick if there was mass adoption and IPv4 became the secondary system.

    To be clear, this is not a reason not to be adopting IPv6.

    • Archer@lemmy.world
      link
      fedilink
      English
      arrow-up
      2
      ·
      3 months ago

      Routers simply need to block incoming unestablished packets

      This is called a firewall

      • r00ty@kbin.life
        link
        fedilink
        arrow-up
        1
        ·
        3 months ago

        Yes, and no. A firewall is still a firewall if it is configured to have all ports open. The Linux kernel firewall is still active, even though its default configuration is, everything open.

        My point is, for some reason there are some that are not configured to block incoming IPv6 by default. When that should be the standard home/consumer router default setting. Then the user can open ports to ips as they need them.