In one word: no. In more words: some addressing methods can lead to privacy and security issues, but those aren’t widely used anymore.
IPv6 addresses can be assigned to interfaces by several systems. One of those is SLAAC, or stateless address auto-configuration (comparable to APIPA and the 169.254.0.0/16 address space for IPv4). One method by which it generates globally unique routable addresses is by inserting the interface’s MAC address into the IPv6 address. Since IPv6 generally doesn’t use network address translation (and thus no masquerading), this would advertise your computer’s MAC address to the whole internet. More recently, SLAAC uses pseudorandom temporary (or “privacy”) addresses for interfaces, together with a unique network prefix assigned to the customer (analogous to the single public IPv4 address).
It’s also possible to assign IPv6 addresses statically or by using DHCPv6.
IPv6. No. Badly configured IPv6 routers, yes. But that’s something that would fix itself if it became the only protocol in use. And most routers now are pretty good at it from what I’ve seen. But it used to be the case it was easy to find bad routers.
The myth seems to be that NAT provides security. But a good default configuration for consumer routers would give the same security as NAT while providing the advantages and extra security IPv6 provides.
IPv6 usually has privacy extensions enabled. Which means it will generate throwaway IP addresses that rotate regularly for your outgoing connections, these IPs do not accept incoming connections. So someone cannot nmap you to find open ports based on the IP you connected to their server with.
Not to mention that most ISPs give each user more IPs than the whole IPv4 internet has. So, port scanning an entire /64 is not going to be fun.
Good points, the difference being NAT crossing requires something on the inside to enable it, while IP6 security requires the consumer router to be properly configured.
And I disagree with the assumption that badly configured routers won’t exist if IP6 were the default. Bad design doesn’t magically go away.
The bottom line is small LANs don’t benefit from IP6 today. Large LANS don’t benefit because they already have extensive IP4 configuration in place, and attempting to migrate is costly, risky, and without a clear benefit to offset those costs and risks.
Most likely enterprises may use 6 on new networks, but even that is questionable when so many extant products still rely on 4 - you don’t want to create a problem for those systems.
Doesn’t IPv6 offer less privacy?
Edit: thanks for the answers! Guess it’s a misconception.
Although ipv4 addresses still are easier to remember…
Only if you disable the pseudo address generation that is enabled by default on modern OSs.
No.
In one word: no. In more words: some addressing methods can lead to privacy and security issues, but those aren’t widely used anymore.
IPv6 addresses can be assigned to interfaces by several systems. One of those is SLAAC, or stateless address auto-configuration (comparable to APIPA and the
169.254.0.0/16address space for IPv4). One method by which it generates globally unique routable addresses is by inserting the interface’s MAC address into the IPv6 address. Since IPv6 generally doesn’t use network address translation (and thus no masquerading), this would advertise your computer’s MAC address to the whole internet. More recently, SLAAC uses pseudorandom temporary (or “privacy”) addresses for interfaces, together with a unique network prefix assigned to the customer (analogous to the single public IPv4 address).It’s also possible to assign IPv6 addresses statically or by using DHCPv6.
IPv6. No. Badly configured IPv6 routers, yes. But that’s something that would fix itself if it became the only protocol in use. And most routers now are pretty good at it from what I’ve seen. But it used to be the case it was easy to find bad routers.
The myth seems to be that NAT provides security. But a good default configuration for consumer routers would give the same security as NAT while providing the advantages and extra security IPv6 provides.
IPv6 usually has privacy extensions enabled. Which means it will generate throwaway IP addresses that rotate regularly for your outgoing connections, these IPs do not accept incoming connections. So someone cannot nmap you to find open ports based on the IP you connected to their server with.
Not to mention that most ISPs give each user more IPs than the whole IPv4 internet has. So, port scanning an entire /64 is not going to be fun.
Good points, the difference being NAT crossing requires something on the inside to enable it, while IP6 security requires the consumer router to be properly configured.
And I disagree with the assumption that badly configured routers won’t exist if IP6 were the default. Bad design doesn’t magically go away.
The bottom line is small LANs don’t benefit from IP6 today. Large LANS don’t benefit because they already have extensive IP4 configuration in place, and attempting to migrate is costly, risky, and without a clear benefit to offset those costs and risks.
Most likely enterprises may use 6 on new networks, but even that is questionable when so many extant products still rely on 4 - you don’t want to create a problem for those systems.
In theory, no.
In practice, yes.
No.