An Anonymous Coward writes:
APNIC reminds us that "there are now a large number of ISPs, data centres, cloud services, and software that now support IPv6" and "enabling IPv6 can be as simple as clicking a button on your WiFi router."
I turned it on, with Comcast I received an IPv6 route but no DNS server. Fortunately, Google Public DNS has unmemorable addresses, which I was able to configure manually.
It works. "There's only one thing left for you to do: Turn it on!"
[ ed: What are the alternatives to Google's Public DNS? ]
IPv6 is too new for anyone to have really figured out the privacy risks.I put too much effort into maintaining privacy online, I'm not going to risk all that work to be a guinea pig.My VPN service explicitly turns off IPv6 in order to make sure nothing leaks out via that path and I'm good with that.
I suspect that becoming an IPv6 expert could lead to some lucrative consulting gigs as it gets rolled out world-wide. But that's the only reason I can see for someone like me to even consider turning it on. Even then I'd probably only do it on a separate subnet dedicated just testing.
My VPN service explicitly turns off IPv6 in order to make sure nothing leaks out via that path and I'm good with that.
Then you should block outgoing the Teredo port (3544) and the IPv6 encapsulation protocol (41). I'm finding all sorts of nasty stuff happening on the LAN side.
I suspect that becoming an IPv6 expert could lead to some lucrative consulting gigs as it gets rolled out world-wide.
Yeah it's exactly like Y2K except there's no deadline and no compelling reason to switch and nobody cares about it. So lucrative.
IPv6 is too new for anyone to have really figured out the privacy risks.
I was a little surprised when an IPv6 testing site told me I was using a Compaq MAC address (SLAC). That tells you something about the age of my computer (assuming I did not moved the NIC to a new machine).
Who else thought this was about using google's dns? They already know too much about you, no need to give them everything!
OpenNIC [opennicproject.org] has a few servers [opennicproject.org] you could use.
"Too new"? I've been using it for over 15 years!
My current ISP supplies a router which has firewall rules for v4 and v6, pretty simple to configure, including forwarding and filtering. Turn on computer, get v4 and v6 addresses. Works without any effort. I don't really care if the world can derive my MAC address from my v6 address; but if you do then there are privacy extensions and other ways to assign addresses.
> "Too new"? I've been using it for over 15 years!
You are correct. Technically correct which is the best kind of correct.It lets you ignore the point in favor of a literal misunderstanding. Congratulations on your aspergers!
> I don't really care if the world can derive my MAC address from my v6 address
That is only the babiest of baby steps. That you think MAC address tracking is the be all and end all of the privacy risks that ipv6 brings with it, then ipv6 really is new to you.
Yes, even being an IPV6 half-ass can yield you some good gigs. Being able to identify this in front of the businesses with money can make you a hero, even if you make gobs of money, you still can save them gobs by getting rid of those people that just are riding the crest, like those self identified experts that called themselves cloud engineers. I havent heard a cringe worthy name for IPV6 specific engineers, but I think someone is trying to invent one, somewhere...
The fact that it costs so much to go legit with IPV6 (and get your own ranges) has rendered the field as a place filled with half-asses, so get going while the going is good. It is hard to use IPV6 locally with most consumer stuff right now as it is. Much of it is rudimentary and basic, but yeah it sorta works. IPV4 on NT 4.0 works better in comparison to IPV6 on most stuff one can get from the local best buy or similar store (this has been my experience). IPV6 may work better on custom firmwares on that same best buy hardware -- but perhaps only a few reading this will go out of their way to do that. And find their ISP has a real problem with it.
I expect 2017/2018 to be when things really pick up speed -- because of IoT and smart this and smart that, and robot cars and etc... don't expect them all to use carrier grade NAT!