It doesn’t fix it, per se, rather removes the need for layers of hacks such as nat and cg-nat. Every device gets a globally routable IP - no need to forward anything, just open the port you want.
This doesn’t solve for VPNs no longer offering it though, unless the VPN services started offering pure v6 via tunnel at some point while I wasn’t looking. I know I’ve never seen a v6 pier in the last few years since I started sailing again.
Yeah thats been my issue. It works fine on my unprotected IP. But I don’t have the cash to spend on expensive vpns and the cheap options seem to universally be shlt for port forwarding, ie. seeding
Port forwarding is necessary due to NAT not firewalls.
It’s not that your router blocks new incoming connections at port X, it’s that it does not know which local client it’s meant for, since it’s addressed to the public IP that is held by your router.
With IP6 it’s lan client also gets assigned a public IP6 address (as there are plenty) and so the router receives a connection addressed to a Lan client and knows where to route it.
IPv6. My stupid ISP actually shipped their router with all inbound ipv6 blocked with no way to unblock it, so I set up opnsense. Works like a charm!
At least your stupid ISP has IPv6. Mine doesn’t (yet).
Fair enough, I guess. Still, I was dumbstruck by lack of ability to open up a port.
My ISP blocks SMTP but other than that the ports work fine.
Glad to hear! Not that you’d want to send email from a residential IP anyway - if not for your ISP, every email service wouls bounce it anyway.
I’m very uneducated about this stuff. How does IPV6 fix that issue?
It doesn’t fix it, per se, rather removes the need for layers of hacks such as nat and cg-nat. Every device gets a globally routable IP - no need to forward anything, just open the port you want.
This doesn’t solve for VPNs no longer offering it though, unless the VPN services started offering pure v6 via tunnel at some point while I wasn’t looking. I know I’ve never seen a v6 pier in the last few years since I started sailing again.
Yeah thats been my issue. It works fine on my unprotected IP. But I don’t have the cash to spend on expensive vpns and the cheap options seem to universally be shlt for port forwarding, ie. seeding
What about ivpn? I was planning to try that myself.
opnsense sounds like what I was looking for (if I understand correctly)
I had no idea there was a way to go around the ipv6 restrictions
How does IPV6 makes port forwarding possible?
It’s not v6 itself, it’s rather lack of layers of nat that prevent forwarding a v4 for most folks.
Hmm, so no firewall in the router blocking ports, instead blocking happens on the actual client?
Port forwarding is necessary due to NAT not firewalls.
It’s not that your router blocks new incoming connections at port X, it’s that it does not know which local client it’s meant for, since it’s addressed to the public IP that is held by your router.
With IP6 it’s lan client also gets assigned a public IP6 address (as there are plenty) and so the router receives a connection addressed to a Lan client and knows where to route it.
Ah interesting! TIL. Thank you!
The router is still your firewall, it just doesn’t need to do NAT with IPv6
Normally firewall is on the router. Sensitive environments usually run one on the client as well.