I found it easier just to have the VPN in the smartphone and tablet connected to the router at home, it works everywhere (N or AC doesn’t matter). No matter if I surf from a hotel, airport, bus, airplane, taxi or whatever I always surf from home with adblocker in the router removing the commercials.
I guess the simplest way in a smartphone is to check the connection information in the network settings if you have a IPv4 or IPv6 or both from the hotspot.
BT Hotspots both uses IPv4/IPv6 with CGNAT on 10.x.x.x however TalkTalk and Virgin Media dont have IPv6 yet unless is available on there Business broadband only.
I'd like a checklist as well, mainly to ensure that by partially disabling IPv6 I'm not leaving the kimono open on any remaining non-disabled parts.
My ISP doesn't do dual stack - they do v4 only or ds-lite; ds-lite requires using dhcpv6 and nd-relay for every single device that's meant to go on the internet ... or having me setup 6-6 nats. Since getting ipv6 requires losing incoming ipv4 which I need to access my home network and some services I use, I stick to ipv4 only for now, by having sysctls off.
On my own internal network, i have some devices that are not ipv6 compatible (iot) which would require me to run dual stack for years to come, so I choose to simplify by running v4 only.
To the best of my knowledge, I'm not missing out on anything by having a single public rarely changing ipv4 and not using ipv6 on my router.
Does anyone know of a good 6to4 / 4to6 nat?
Is anyone running tayga or similar?
Sounds like your friend is about not about IPv6 in general but just about ‘IPv6 connectivity’.
If your friend is using OpenWrt not as WAN router but as LAN client like a Wi-Fi access point, then there is nothing to do special because OpenWrt does not enable IPv6 in that scenario on default.
If your friend is using OpenWrt in its default scenario, a WAN router, you edit /etc/config/network via the command-line interface (CLI) and place option disabled 1 into the WAN6 section (or remove the WAN6 completely from within the Web interface LuCI). If your friend does not want any IPv6 in its ‘home network’ either, remove the ula_prefix from the globals section there as well.
With that, OpenWrt has no IPv6 connectivity to the ‘outside world’. Internally, OpenWrt might still do IPv6 here and there. However, I doubt this matters to your friend. By the way, just to add something to the discussion: Neither CZ.nic Turris OS 5.3.0 nor GL.iNet 3.201 enable IPv6 (correctly, yet in the year 2021) in their (dumb) Wi-Fi access point modes. Go figure! I would be more happy if everyone could use its force (and knowledge about OpenWrt) to evangelize such manufactures the correct and full use of IPv6, rather than explaining to a single human (which is not even here) that he should not disable IPv6.
~50% of google traffic from the US, Germany, India, Greece and several other large countries is native ipv6
@Jane I'm a mod over at https://www.reddit.com/r/ipv6 ; there's plenty of folks that can help answer any questions you may have about it. Most of the folks here discussing stats, use for it, etc are on the mark: it's been "here to stay" for a while, even if some ISPs still don't use it. Here in the US, that seems to be WISPs and some older fiber-optic services; the cable companies have largely used it to manage their equipment, and the cell carriers have adopted it to manage their loads. In my sysadmin roles, I also see the constant IPv6-based DNS lookups for various hosts. And any local security issues would be completely to your own subnet (OS services finding each other via fe80 addresses); you're looking all the way back to the late 2000s on that being a thing; let alone Apple's new requirement for network-based apps to support IPv6.
I hope this helps?
If you live in a repressive country where big brother analyses all your internet data usage, then it will be an extra layer of privacy defence that big brother cannot see which data comes from which computer at home.
That is the view a friend of mine takes, but big brother may not just be a Government, it can be big corporations who want to improve their "big data".
Look at how Google Streetview mapped SSID's to streets, broke into routers with poor security or bugs in security, how they then hacked into devices on that network indexing PC's and used the broadband of the victim of their hack to send data home.
Google said it was unintended until whistleblower published memo warning management and was told to proceed anyway. When challenged they said they could destroy the data but not remove it from the index.
They are all at it, so why make it easier by providing a fingerprint of devices when any decent GDPR cookie warning will tell you they will create profile and map other devices you use to determine who you are.
Just look at how hard they work to nag you into submission to create an account.
Now we see Apple adding greater refinement in users ability to not share (which got Facebook bleating) and we see Google looking at not sharing with 3rd party networks.
I'd suspect that if you were living in a repressive country such as you have described then it wouldn't really matter to the authorities what data came from which specific computer within a household.
Did they though? I mean they definitely collected data being transmitted over unsecured Wi-Fi networks, but I'm not entirely sure they hacked into networks...
Report at the time included MS Word documents which are now indexed into Google Index.
Sorry, I was being facetious to a facetious reply.
It was actually more serious than the original consideration that authorities in a suppressive regime would examine all the devices in a household to identify the culprit.
Jool ! ... nice, wil give it a try.
Strange that IPv6 is actually being used in the real world.
Many servers use IPv6 for inter-process communications. If you turn IPv6 off on a host that has software that uses IPv6 for IPC you are going to have some interesting problems.
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.