It doesn’t fix it, per se, rather removes the need for layers of hacks such as nat and cg-nat. Every device gets a globally routable IP - no need to forward anything, just open the port you want.
This doesn’t solve for VPNs no longer offering it though, unless the VPN services started offering pure v6 via tunnel at some point while I wasn’t looking. I know I’ve never seen a v6 pier in the last few years since I started sailing again.
Yeah thats been my issue. It works fine on my unprotected IP. But I don’t have the cash to spend on expensive vpns and the cheap options seem to universally be shlt for port forwarding, ie. seeding
Port forwarding is necessary due to NAT not firewalls.
It’s not that your router blocks new incoming connections at port X, it’s that it does not know which local client it’s meant for, since it’s addressed to the public IP that is held by your router.
With IP6 it’s lan client also gets assigned a public IP6 address (as there are plenty) and so the router receives a connection addressed to a Lan client and knows where to route it.
But how does this change using VPNs with torrenting? Especially because it seems like the vast majority don’t support ipv6 as well as openvpn often leaking ipv6 IPs.
IPv6. My stupid ISP actually shipped their router with all inbound ipv6 blocked with no way to unblock it, so I set up opnsense. Works like a charm!
At least your stupid ISP has IPv6. Mine doesn’t (yet).
Fair enough, I guess. Still, I was dumbstruck by lack of ability to open up a port.
My ISP blocks SMTP but other than that the ports work fine.
Glad to hear! Not that you’d want to send email from a residential IP anyway - if not for your ISP, every email service wouls bounce it anyway.
I’m very uneducated about this stuff. How does IPV6 fix that issue?
It doesn’t fix it, per se, rather removes the need for layers of hacks such as nat and cg-nat. Every device gets a globally routable IP - no need to forward anything, just open the port you want.
This doesn’t solve for VPNs no longer offering it though, unless the VPN services started offering pure v6 via tunnel at some point while I wasn’t looking. I know I’ve never seen a v6 pier in the last few years since I started sailing again.
Yeah thats been my issue. It works fine on my unprotected IP. But I don’t have the cash to spend on expensive vpns and the cheap options seem to universally be shlt for port forwarding, ie. seeding
What about ivpn? I was planning to try that myself.
No idea but torrentfreak always posted a “best vpn of year xyz”. I’d go with that one. (Or check if mullvad has any tutorial on the subject.)
opnsense sounds like what I was looking for (if I understand correctly)
I had no idea there was a way to go around the ipv6 restrictions
How does IPV6 makes port forwarding possible?
It’s not v6 itself, it’s rather lack of layers of nat that prevent forwarding a v4 for most folks.
Hmm, so no firewall in the router blocking ports, instead blocking happens on the actual client?
Port forwarding is necessary due to NAT not firewalls.
It’s not that your router blocks new incoming connections at port X, it’s that it does not know which local client it’s meant for, since it’s addressed to the public IP that is held by your router.
With IP6 it’s lan client also gets assigned a public IP6 address (as there are plenty) and so the router receives a connection addressed to a Lan client and knows where to route it.
Ah interesting! TIL. Thank you!
But how does this change using VPNs with torrenting? Especially because it seems like the vast majority don’t support ipv6 as well as openvpn often leaking ipv6 IPs.
Not sure since I don’t use a VPN. If they assigned a unique public IP per user they could just forward every incoming connection to the user’s PC.
If they don’t they need to setup some port forwarding rules.
If openVPN leaks IPs that’s surely a bug, if it’s specific to v6 you can’t use openVPN and IPv6 till the bug is fixed
The router is still your firewall, it just doesn’t need to do NAT with IPv6
Normally firewall is on the router. Sensitive environments usually run one on the client as well.