[LINK] home routers, security, privacy, zero config, IPv6 and NAT or no NAT

[Kim Holburn]

I wonder about this because as I said, I'm not that familiar with IPv6.  So perhaps those with more IPv6 understanding could answer me.

The current crop of consumer home modem/routers can be very easy to configure and maintain some base level of security.  In some countries you don't even get to configure them.  They come with a random password set by the ISP and they log in to your ADSL account automatically.  

Consumer modem/routers get their public (or a valid) IP from the ISP and they have a subnet of valid IPs that they give out to home devices.  Anyone can connect to them, get a valid IP and connect to the internet.  Unique details of their home machines, like their MAC Address, things that could identify their machines are not given out *by the router*.

Someone can stuff up the config and as long as it still works, it's still likely to block most incoming stuff due to NAT.  

The ISP doesn't get any control over what you have behind your modem/router.  Maybe not even any knowledge of it.  How many devices, how large your home network is, no-one else knows.  You didn't have to get your subnet range from anyone.  Would any system of giving out IPv6 Addresses cope with the shear mass of home network users? Would it add to the cost of a home network?  Would they even understand what to ask for and how then to configure a device?  Would that have to be done by the ISP?  Would that be a loss of privacy?

So, are home routers with these sort of privacy and security capabilities possible with IPv6?  Available?
 
How would they work?

Most of the people who work with IPv6 seem to work with big corporate or technical networks, not consumer level networks.


-- 
Kim Holburn
IT Network & Security Consultant
T: +61 2 61402408  M: +61 404072753
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request