IPv6 question

Status
Not open for further replies.

nospamever

Regular Contributor
I enabled IPv6 under Advanced Setting/IPv6 as passthrough (and on my modem as well). Confirmed I have ipv6 connections using broswer test.
However, under Advanced Setting/System Log/IPv6 it says IPv6 Connection Type as Disabled.
Trying to find out why that is.
 

SomeWhereOverTheRainBow

Part of the Furniture
I enabled IPv6 under Advanced Setting/IPv6 as passthrough (and on my modem as well). Confirmed I have ipv6 connections using broswer test.
However, under Advanced Setting/System Log/IPv6 it says IPv6 Connection Type as Disabled.
Trying to find out why that is.
WebUI bug brought by ASUS. It has been there for a while. As long as your clients are getting IPV6 you should be fine; However, you should try using Native IPV6 since most ISP providers now offer it. The problem with pass through is that it is actually serving up the connection as if it were directly being served by the modem. Meaning you are probably bypassing any security layer address assignments. Basically with Native, each of your clients get a more unique address instead of the one served up by the modem.
 

nospamever

Regular Contributor
WebUI bug brought by ASUS. It has been there for a while. As long as your clients are getting IPV6 you should be fine; However, you should try using Native IPV6 since most ISP providers now offer it. The problem with pass through is that it is actually serving up the connection as if it were directly being served by the modem. Meaning you are probably bypassing any security layer address assignments. Basically with Native, each of your clients get a more unique address instead of the one served up by the modem.
Thanks, I will try to change from passthrough. Last time I selected Native I could not get ipv6 connections.
 

nospamever

Regular Contributor
And why did you enable IPv6?
I think why not when my ISP provisioned for it, my modem and router are capable of it. Honestly, I have no idea if I get a better experience using ipv6 over ipv4 but it is the modern way isn't it?
 

Tech9

Part of the Furniture
It's also the way to get in trouble. It's Disabled by default in Asuswrt for a reason.
 

nospamever

Regular Contributor
It's also the way to get in trouble. It's Disabled by default in Asuswrt for a reason.
You mean I should enable ipv6 at all? Is it because of router limitations?
 

zackattack784

Regular Contributor
I don’t understand why IPv6 is so polarizing. Every time the topic comes up you always end up getting people that are vehemently for and against it. It’s been in my area for a little while now but I just recently flipped the switch. I’m running native and I haven’t had any issues and it’s playing nicely with my scripts so I’ll leave it. If I have issues, I won’t hesitate to turn it off either.

I would leave it off though if I had to run passthrough and just wait for native. No sense compromising when you don’t need IPv6 for anything yet (and probably won’t for quite some time).
 

Tech9

Part of the Furniture
Is it because of router limitations?

We had a long conversation about it.


Don't be surprised if your traffic goes around your VPN client using IPv6, for example. Read what parts of the firmware and scripts are IPv4 only. You have opened another door in/out of your network and you don't know why. You're not getting any better experience. In some cases just the opposite.

If I have issues

If you have issues, you'll find from 3rd party. You have no way to diagnose your IPv6 connection. Like 60+ million users never found their physical address can be revealed by ISP routers with IPv6 enabled. The issue is fixed now, but it was real. Good luck with your home router and hope for the best.
 

nospamever

Regular Contributor
I don’t understand why IPv6 is so polarizing. Every time the topic comes up you always end up getting people that are vehemently for and against it. It’s been in my area for a little while now but I just recently flipped the switch. I’m running native and I haven’t had any issues and it’s playing nicely with my scripts so I’ll leave it. If I have issues, I won’t hesitate to turn it off either.

I would leave it off though if I had to run passthrough and just wait for native. No sense compromising when you don’t need IPv6 for anything yet (and probably won’t for quite some time).
Are you running native necause your WAN Connection Type set PPPoE?
 

nospamever

Regular Contributor
We had a long conversation about it.


Don't be surprised if your traffic goes around your VPN client using IPv6, for example. Read what parts of the firmware and scripts are IPv4 only. You have opened another door in/out of your network and you don't know why. You're not getting any better experience. In some cases just the opposite.



If you have issues, you'll find from 3rd party. You have no way to diagnose your IPv6 connection. Like 60+ million users never found their physical address can be revealed by ISP routers with IPv6 enabled. The issue is fixed now, but it was real. Good luck with your home router and hope for the best.
Crap, thanks for telling me. I will switch off for now until it is safe. I had no idea!
 

Tech9

Part of the Furniture
It is safe enough as technology, but I personally don't know what works on a toy router. I also don't know what rogue IoT device can do with direct access to Internet. VPN clients disable IPv6 to prevent leaks. Asuswrt has VPN Server with IPv6 support, but no Client with IPv6. Your ISP can see all your devices when IPv6 is enabled. If you feel comfortable - enable it and experiment. My general advice is if you don't need IPv6 - keep it disabled.
 

nospamever

Regular Contributor
It is safe enough as technology, but I personally don't know what works on a toy router. I also don't know what rogue IoT device can do with direct access to Internet. VPN clients disable IPv6 to prevent leaks. Asuswrt has VPN Server with IPv6 support, but no Client with IPv6. Your ISP can see all your devices when IPv6 is enabled. If you feel comfortable - enable it and experiment. My general advice is if you don't need IPv6 - keep it disabled.
Thanks, I already disabled ipv6.
 

SomeWhereOverTheRainBow

Part of the Furniture
It's also the way to get in trouble. It's Disabled by default in Asuswrt for a reason.

Thanks, I already disabled ipv6.

HTTPS on the Webui is also turned off by default in the firmware, but that doesn't stop people from turning it on and using it instead of http. The router typically has a default login name and password, that doesn't stop people from changing it and using something different. Essentially, anytime you change something in the "firmware" from its default behavior, you are creating a security risk. Don't turn on SSH or AI-Protect either, the firmware has that turned off by default for a reason.
 
Last edited:

heysoundude

Part of the Furniture
HTTPS on the Webui is also turned off by default in the firmware, but that doesn't stop people from turing it on and using it over http. The router typically has a default login name and password, that doesn't stop people from changing it and using something different. Essentially, anytime you change something in the "firmware" from its default behavior, you are creating a security risk. Don't turn on SSH or AI-Protect either, the firmware has that turned off by default for a reason.
Yeah, I agree with why and who you aimed this at, but It's actually good to have a reliable opposition to the prevailing attitudes in places: it often makes people stop and (hopefully) think for themselves.
 

Tech9

Part of the Furniture
the firmware has that turned off by default for a reason.

The Like is because you give an excellent example related to enabling things with no good understanding what they do. HTTPS on trusted home LAN is useless - only complications for no reason. It's like encrypting your own data and protecting it from yourself. HTTPS to GUI from WAN if forced by the firmware as well as user/pass change on router initial setup - this is the default. Average users have nothing to do with SSH and this is the reason it is disabled. AiProtection sends user data to 3rd party company and not too many users read the EULA - also disabled by default.

it often makes people stop and (hopefully) think for themselves.

This is the goal. As I have said before - do not enable/install firmware options/scripts you know little about or you are unable to diagnose and troubleshoot yourself. I give different advice to different people based on knowledge level. @nospamever mentioned beginner level in one of the posts. You get a Like for your continuous testing of IPv6 for the benefit of the World, even if you have no benefits whatsoever in your country. Please continue and report any issues/bugs discovered. Not sure how you are going to do it on the blind with your home router, but you can try.
 
Status
Not open for further replies.

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top