| > Which means that anybody on the internet gets to know your mac address. Pretty sure all reasonable devices utilise privacy extensions. > ISPs got it wrong ! I'm in Germany, tried 3 different providers, they all assign to my router a /64 subnet instead of /60 or /56 (as recommended by ARIN). If it's wrong is subjective. If it's not a goal to upsell a business connection there might be technical limitations. > No support for multi-homing. Example: You have two connections, a slow reliable one, and a fast unreliable one. With IPv4 you can easily setup multiwan in any proper L3 router. Bit of a niche use-case and still very doable with NAT66. > Captive portals: SLAAC does not directly support assigning DNS servers. I haven't seen a captive portal that wasn't able to intercept DNS or that couldn't MITM all connections to display that page. It's a non-issue. > So it's very easy for malicious devices to flood routing tables of switches by telling them that they own all IPv6 for the whole /64 IPv4 devices can conduct ARP spoofing, no biggie. If it's "very easy" to do either it's just poor switch software. |
I stand corrected by throw0101a answer. This is actually not an issue
> If it's wrong is subjective. If it's not a goal to upsell a business connection there might be technical limitations.
I don't think a Guest network should be considered a business feature
> Bit of a niche use-case and still very doable with NAT66.
Yes or NPT, as I mentioned at the end of my initial answer. But it has its own con.
> I haven't seen a captive portal that wasn't able to intercept DNS or that couldn't MITM all connections to display that page. It's a non-issue.
I also stand corrected by throw0101a, this is a non-issue.
> IPv4 devices can conduct ARP spoofing, no biggie. If it's "very easy" to do either it's just poor switch software.
The actual "switch software" in IPv4 which handles that, is to use an authoritative DHCP server. This does not exist/work in IPv6.