Rogers & IPV6 - Page 3 - Canadian TV, Computing and Home Theatre Forums
Reply
 
LinkBack Thread Tools Search this Thread Display Modes

post #31 of 135 (permalink) Old 2016-04-19, 11:45 AM
Veteran
 
Join Date: Jun 2011
Location: 43░ N, 81.2░ W
Posts: 5,224
I'm just wondering how IPv6 affects a router running NAT. Does NAT keep working or does IPv6 blow through it? I would like to try IPv6 but it would result in chaos without an orderly transition for some devices and systems with fixed IPs.
ExDilbert is offline  
Sponsored Links
Advertisement
 
post #32 of 135 (permalink) Old 2016-04-19, 01:27 PM
 
Join Date: Nov 2003
Location: Toronto, ON
Posts: 626
ExDilbert, I'm by no means an expert and i'm still getting my head around IPv6 but I will try and answer your questions. Hopefully others more knowledgeable than me will clarify what I've said or correct my mistakes.

If you enable IPv6 on an IPv6 capable router and are running a dual-stack network, in which your devices are configured for both IPv4 and IPv6 (this is how we will be running for the foreseeable future) then:

1. For IPv4 traffic nothing will change. NAT will continue to work as it always has and your devices will continue to share the one IPv4 address assigned to the router's WAN interface.

2. For IPv6 traffic, your IPv6 capable devices will connect directly to IPv6 capable end points, i.e. google.com.

For security purposes, IPv6 routers should include a stateful firewall which will block traffic from the outside from getting to your devices on your LAN.

Some reading: IPv6 Security Myth #3 ? No IPv6 NAT Means Less Security | Deploy360 Programme

As for devices and systems with fixed IPv4 addresses I don't see a reason why you can't direct traffic to them by opening ports in the firewall using their IPv6 addresses. Note that unlike with IPv4, devices using IPv6 don't require port forwarding, you merely open ports in the firewall specifically for them using their IPv6 address.

I don't see why you can't use the IPv6 address that the devices self-configure (since it is derived from the MAC address so should not change) or you can't assign the device a fixed IPv6 address for port forwarding purposes.

Here is a quick video on IPv6 addressing: https://www.youtube.com/watch?v=FgT0BM6ep0M
Gino Cerullo is offline  
post #33 of 135 (permalink) Old 2016-04-19, 09:55 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
Quote:
I'm just wondering how IPv6 affects a router running NAT.
While you could do NAT with IPv6, there's really no need for it. NAT was created as a work around for the shortage of IPv4 addresses. With IPv6, there's enough public addresses that every device can have lots. There are addresses ranges with a limited scope, such a non-routable and routable over a private network. As for IPv4 NAT, it will keep working as before. I do that here, with NAT IPv4 addresses for all my devices and public IPv6 addresses for every capable device.

Meanwhile, back at the ranch...
JamesK is online now  
 
post #34 of 135 (permalink) Old 2016-04-19, 10:19 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
Quote:
Here is a quick video on IPv6 addressing
I just watched that video. He missed the point about why that 7th bit is inverted. That bit is what is used to indicate whether the MAC address is the original, burned in MAC or a locally administered one. A 1 indicates locally administered. Now in that video he mentioned creating simple addresses such as 100. But doing that will set the 7th bit to 1, which means instead of the simple address, you now have one with the 7th bit set to 1 and then the rest of that address. By inverting that bit, locally administered simple address will remain as created, without that 7th bit messing things up.

Meanwhile, back at the ranch...
JamesK is online now  
post #35 of 135 (permalink) Old 2016-04-20, 12:00 AM
 
Join Date: Nov 2003
Location: Toronto, ON
Posts: 626
Thanks for that clarification JamesK. Just goes to show you can't trust everything you read or see on the Internet.
Gino Cerullo is offline  
post #36 of 135 (permalink) Old 2016-04-20, 07:04 AM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
^^^^
Well, he was OK as far as he went, but just missed that point.

Meanwhile, back at the ranch...
JamesK is online now  
post #37 of 135 (permalink) Old 2016-05-03, 06:59 AM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
I'm finally getting IPv6 from Rogers. I had to replace my Cisco modem with a Hitron CGN3ACSMR and in the process wound up reducing my bill by $50/month, even though my plans are pretty much the same as before.

Meanwhile, back at the ranch...
JamesK is online now  
post #38 of 135 (permalink) Old 2016-05-03, 03:24 PM
Veteran
 
Join Date: Jun 2011
Location: 43░ N, 81.2░ W
Posts: 5,224
Rogers has been offering incentives for modem upgrades to DOCSIS2 modems for several years. DOCSIS3 is more efficient on their network and enables faster speeds with less overhead. IPv6 is a bonus.
ExDilbert is offline  
post #39 of 135 (permalink) Old 2016-05-03, 05:22 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
^^^^
I had a Cisco modem that was DOCSIS 3, but for some reason Rogers wouldn't enable it for IPv6, even though I used it in bridge mode. I've been playing with the Hitron modem/router and have come to the conclusion that it's firewall is somewhat useless, so I'm back to bridge mode and a computer running Linux as my firewall/router.

Meanwhile, back at the ranch...
JamesK is online now  
post #40 of 135 (permalink) Old 2016-05-04, 02:45 AM
Veteran
 
Join Date: Jun 2011
Location: 43░ N, 81.2░ W
Posts: 5,224
Rogers has not supplied Cisco modems for at least 3 years. They are probably not actively supporting them. I asked them to let me use my existing modem or supply a Cisco modem over 3 years ago and they said no. The choice was between two Hitron modem/routers.
ExDilbert is offline  
post #41 of 135 (permalink) Old 2016-05-04, 06:54 AM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
^^^^
After trying that Hitron firewall, I decided to go back to bridge mode, with a Linux computer for firewall/router. I had another Hitron a few years ago and it was so ugly I hated to have it on my shelf. When it comes to network equipment, I have much more confidence in Cisco than Hitron. (BTW I am a CCNA)

Meanwhile, back at the ranch...
JamesK is online now  
post #42 of 135 (permalink) Old 2016-05-25, 05:52 PM
Veteran
 
Join Date: May 2009
Location: Mississauga
Posts: 7,165
I've been running IPv6 on Rogers for a few weeks now. To get IPv6, you need the correct modem. Only certain modems support it. Also, if you have the modem in bridge mode, for use with a separate router, that router has to support DHCPv6-PD in order to get the /64 prefix for your network. Not all routers do. I have a computer, running pfsense, for my firewall/router. It works well.

Meanwhile, back at the ranch...
JamesK is online now  
post #43 of 135 (permalink) Old 2016-05-26, 09:38 AM
 
Join Date: Jul 2003
Location: Toronto,
Posts: 1,255
I have not read the whole thread, so excuse me if my questions have been discussed. I am just starting to play with openvpn, If I install IPv6, does it mean I do not need vpn any more? If I am out side of my home network, do my devices (iphone, laptop, etc) revert back to IPv4 if IPv6 is not available at the free wifi zone?

Edit: I thought my modem CGN3ACSMR (rogers) has IPv6, but just checked and it does not have it. I'll keep working on my vpn.

Yammy RXV2400 & CDC815, Celestion DL8 fr Mission 73Ci ctr Sansui rear Velodyne CHT8, Vaio TT180, i7-920@3.8Ghz
e268 is offline  
post #44 of 135 (permalink) Old 2016-05-26, 01:40 PM
 
Join Date: Jan 2007
Posts: 381
@ e268: I am pretty sure that CGN3ACSMR has IPv6. I have this modem / router, using it in gateway mode and recently I've noticed a new IPv6 address, on top of the IPv4 address. I did, however, disable it on the computer.

As for VPN, I'm not an expert, but I'll try to answer that too. I'd say you probably want to keep it. Your router will be broadcasting both IPv4 and IPv6 addresses, and if you don't want them displayed, you will need your VPN. Also, make sure that your VPN does not leak either one.
DonR is online now  
post #45 of 135 (permalink) Old 2016-05-26, 03:05 PM
 
Join Date: Jul 2003
Location: Toronto,
Posts: 1,255
Thanks, but I do not see where in the Hitron menu where it listed IPv4 or IPv6, It only shows the IPv4 address. I am sure I have seen it before, but not now. Where is it listed?

Yammy RXV2400 & CDC815, Celestion DL8 fr Mission 73Ci ctr Sansui rear Velodyne CHT8, Vaio TT180, i7-920@3.8Ghz
e268 is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Canadian TV, Computing and Home Theatre Forums forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in









Human Verification

In order to verify that you are a human and not a spam bot, please enter the answer into the following box below based on the instructions contained in the graphic.



Thread Tools Search this Thread
Show Printable Version Show Printable Version
Email this Page Email this Page
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode



Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome