Comment by MPSimmons
6 hours ago
>This difference in theory versus practice is precisely why we see people objecting that IPv4 is more secure as far as default configurations go when it comes to home use.
I mean, I agree with them. I think people who say 'NAT is not security' are only correct in the absolute most pendantic way and that the way NAT is commonly configured is literally the only reason the internet doesn't consist mostly of botnets.
But I also suspect that if IPv6 were more common, we as a society would be better at it, and not do dumb things like hand out globally routable IPs via DHCP6
The whole premise of IPv6 is that every device should have a globally routable IP. This thread went into DHCP for some reason, but that is uncommon and not recommended for IPv6, where you're supposed to use SLAAC. With SLAAC, I'm not even sure you could realistically disable the ability to get a public IP. And if you did, I'm not sure you could allow a device to access the Internet over IPv6 with a consumer router without it having a publicly routable IPv6.