this post was submitted on 30 Jul 2023
18 points (100.0% liked)

IPv6

316 readers
4 users here now

IPv6 Discussions

founded 1 year ago
MODERATORS
 

Their new modem/router doesn't support opening ports in the ipv6 firewall, so if you want to open ports, they recommend disabling ipv6 entirely. For ipv4, they no longer support forwarding ports from only specific source addresses either, which is way less secure. You can only forward ports from all source addresses. You also have to use their crappy app to add port forward rules, it's no longer available in the web ui. You can completely disable the ipv6 firewall in the web ui, but that wouldn't be safe.

Old motorola modem/routers could do all of the above.

It says it can do bridge mode at least, but it seems silly to need 2 devices just to open ipv6 ports.

How are routers being made now in 2023 that don't have proper ipv6 support? It seems crazy to me.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 year ago (3 children)

You don't need port forwarding for IPv6 because, unlike IPv4, it doesn't use NAT. It is expected that an IPv6 device will not show up on the "Port Forward" page that was specifically designed to handle IPv4's NAT port rules.

Try to see if there's some dedicated firewall page on the router and there you should be able to "poke a hole" to allow an incoming IPv6 request to reach a device in your network.

[–] Scoopta 3 points 1 year ago (2 children)

I believe OP is already aware of this. At least based on the wording in his post. He specifically says "opening ports in the IPv6 firewall." Could be mistaken though.

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Yup, I'm aware.

There's no page for anything to do with ports for ipv6, and the documentation specifically says it's not available to open ports on ipv6.

The only options for configuring the ipv6 firewall are things like blocking ping, and disabling the ipv6 firewall entirely. There were 5 checkboxes, I forget what the other 3 were. It was at a relatives house I was helping so I can't check right now.

[–] Scoopta 3 points 1 year ago

IMO if you have to put "you can't do xyz with IPv6" in your documentation...then you need to not ship that product...but Comcast is Comcast...sooo