is this addressed to me or to @Shadowmeph ?
if me, I'm just curious. if @Shadowmeph ...well, I'll let him take it from here.
how many of you are IPv6?
- Thread starter Marzipan
- Start date
if me, I'm just curious. if @Shadowmeph ...well, I'll let him take it from here.
I think @attonbitusira is asking because your internal network of devices is fine to remain on IP4. The address space for those is only internal. It'd be your service provider switching to IP6 for your external IP but then that would still be largely invisible to you unless you were accessing remotely perhaps.
Unless I'm misunderstanding, which is completely possible this morning
To you
One gotcha to consider is ensuring your firewall has the necessary ipv6 rules and you aren't relying on NAT alone for security. If your ISP automatically starts assigning publicly facing ipv6 addresses to your devices (/64 or /56) without a firewall you may find yourself exposing services to the public Internet inadvertently.
As a general rule I don't trust the provided ISP modem/router so if you have the option to bridge to your own firewall you can better control the related ipv6 settings. Good luck!
well, I was mostly curious about it and wanted to know more and see if it was something the whizbangs here had set themselves up for because it's better.To you
One gotcha to consider is ensuring your firewall has the necessary ipv6 rules and you aren't relying on NAT alone for security. If your ISP automatically starts assigning publicly facing ipv6 addresses to your devices (/64 or /56) without a firewall you may find yourself exposing services to the public Internet inadvertently.
As a general rule I don't trust the provided ISP modem/router so if you have the option to bridge to your own firewall you can better control the related ipv6 settings. Good luck!
what would you recommend beyond the ISP modem / router's firewall that a networking ninny could manage?
Not sure about your requirements or the specific level at which you ninny, but assuming you understand CIDR, basic linux commands, and 99% of the features on a prosumer router:
OSS: opnsense, netgate/pfsense
Closed: meraki, ubiquity, fortigate, sonicwall tz, cisco asa
You can find a LOT of small business firewalls for cheap on ebay. licensing can be extra. EOL firewalls could be a security risk.
Cisco ASA is probably the hardest learning curve, not sure if this is hobby or career for you.
Stay curious brother.
While I haven't used, this does tend to review well: https://firewalla.com/. Of course, a bunch of us on here run UniFi too.
On the IPv6 topic though, I think most of our mobile networks are running IPv6 if you look at the addresses your phone has. It's the wired residential connections that are more iffy, I don't think Bell supports it at all, Rogers may be the only "mass" deployment of it. Not sure about Telus.
Uncertain about City West, looks local to Prince Rupert, but they do have IPv6 peering by the looks of it: https://bgp.he.net/AS18988, so it's possible if you upgrade your modem/router from them that you'd be able to get it.
Realistically unless your hosting it locally or you trying to access something that is IPV6 only it isn't something you actually need yet. In my office I'm hosting publicly facing resources.
This looks very interesting. Thanks for sharing.
Firewalla Purple SE: Cyber Security Firewall & Router Protecting Your Family and Business (Ships Worldwide)
Firewalla Purple SE is an affordable version of Firewalla Purple, without short-distance Wi-Fi, for network speeds below 500 Mbps. For Powered by The Firewalla Security Stack For a Better Network Smart Traffic Management Easy to Install Simple to Use Sophisticated Security and Networking...
firewalla.com
I have some experience in this space and I am highly suspicious of their throughput performance claims on that hardware. Especially for security outcomes. I might buy one of these just to test it out. Would love to have this and 3 port tap in my everyday bag.
xentr_legal_notice_title
xentr_legal_notice_description