how-to block ads
|
Soho97UK
join:2004-08-18
UK | IPv6 Consumer Routers ? Are there any (apart from Cisco) ?  | |
|  keeska
Premium
join:2007-04-06
Sedona, AZ | Re: IPv6 Consumer Routers ? Third party firmware for the wrt54g and related routers which does IPv6 is readily available. Third party firmware for other routers is also available but I have not looked to see if it supports IPv6 or not. | |
| | jrowley
join:2006-09-06
Mauldin, SC
 ·Charter Pipeline
| Re: IPv6 Consumer Routers ? I have one of the Linksys draft-n routers. It barely supports v6. You can configure dual stack, but the wan still doesn't support v6. I had to get a separate linksys and load openwrt on it to get a tunnel to work.
As a CLEC with a large dslam deployment, I'd love to start deploying afforadble v6 cpe, but unfortunately, our vendors don't seem to care much. | |
| | | 
PGHammer
join:2003-06-09
Accokeek, MD
clubs:
·Comcast
| Re: IPv6 Consumer Routers ? There's a modified version of the WhiteRussian RC6 firmware for the Linksys routers and their clones (all except the CiscoWorks/VxWorksOS routers are known to work, including the WRT54G-series, especially GL and GS). I have a GS with this firmware, which can supply IPv6 addresses to any client connected to the router, wired or wireless, as long as the client OS supports IPv6 (Windows XP with SP2 and Windows Vista both support IPv6 directly, as does OS X 10.4 and later). | |
| | 
benc
Premium
join:2007-06-17
Glen Carbon, IL | Is it an option to run Linux on an older PC?
Even if the PC has only one NIC, it's not expensive to just get a second NIC. | |
| 
justbits
More fiber than ATT can handle
Premium
join:2003-01-08
Chicago, IL | Apple's Airport Extreme base station handles IPv6.
I've got my Linksys WRT54GS running DD-WRT v23 doing IPv6 via 6to4. | |
| | |
justbits
More fiber than ATT can handle
Premium
join:2003-01-08
Chicago, IL
 ·AT&T Midwest
| Re: IPv6 Consumer Routers ? You're ignoring some important functions of IPv6. A link-local IPv6 address can be used to isolate IPv6 packets from being routed to the Internet. All IPv6 capable network interfaces automatically configure themselves with a IPv6 link-local address by default.
An IPv6 capable thermostat does not need to listen to IPv6 router advertisements and could ignore any site-local IPv6 configuration. If the IPv6 thermostat you buy does listen to IPv6 router advertisements, well the device manufacturer is supposed to provide a way to control access to the device (firewall, authentication).
Think of it like this: a device obtaining a link-local address can talk to other hosts that are on the same LAN (think Zeroconf, link-local IPv4 addresses like 169.x.x.x). A device configured to use site-local addresses would be using an IPv4 private-network (192.168.x.x, 10.x.x.x, 172.blah) similar address.
IPv6 devices are not required to listen to or participate in router advertisements. If a device ignores router advertisements and only deals with link-local addresses, that device would effectively be isolated on your home network. Someone would need to hack into a link-local interface on your router to get at your link-local thermostat.
So, if you really have to web surf from your IPv6 compatible fridge or your toaster, go ahead and buy one that listens to router advertisments. If you think you can't trust that IPv6 toaster or IPv6 fridge, then, yes, the weakest link in your security is your toaster or fridge. And again, it's up to the network admin or the customer to know what security policy they need and what security policy the device implements.
Yes, I agree that consumer routers are deficient by not providing good GUIs for firewalling IPv6, but with IPv6, it's not a requirement that a router protect every device on the network. 2^64 or even 2^48 is a lot of address space to protect! Sure, it would be a nice added value feature to be able to easily firewall new IPv6 hosts, but I'm saying it isn't a necessity if the IPv6 capable device just doesn't obtain an Internet routable IPv6 address in the first place. | |
| | | |
|
·