You must log in or # to comment.
You might also try asking on [email protected] .
Be advised that even if a VPN offers IPv6, they may not necessarily offer it sensibly. For example, some might only give you a single address (aka a routed /128). That might work for basic web fetching but it’s wholly inadequate if you wanted the VPN to also give addresses to any VMs, or if you want each outbound connection to use a unique IP. And that’s a fair ask, because a normal v6 network can usually do that, even though a typical Legacy IP network can’t.
Some VPNs will offer you a /64 subnet, but their software might not check if your SLAAC-assigned address is leaking your physical MAC address. Your OS should have privacy-extensions enabled to prevent this, but good VPN software should explicitly check for that. Not all software does.
I’m not too familiar with VPNs that offer IPv6 addresses, so I can’t help with that. But I’m curious about why some people want IPv6 addresses. Are there any benefits to having an IPv6 address?
The main benenfit is not having to deal with NAT. You get your own address and your traffic is not conflated with other people’s.
You also get privacy extensions. Your device generates a temporary address for making outgoing connections. The address has no listening sockets. This means that you cannot get portscanned by every website you visit.
You don’t need to try and figure out your external IP address. There’s no differentiation between internal/external addresses. They’re all global, as the internet was intended.
You can throw as many IP addresses on an interface as you want. If you want to run two web servers from one machine, you can have multiple addresses with different services on port 443.
https://ipv6now.com.au/primers/IPv6Reasons.php
Basically, Legacy IP (v4) is a dead end. Under the original allocation scheme, it should have ran out in the early 1990s. But the Internet explosion meant TCP/IP(v4) was locked in, and so NAT was introduced to stave off address exhaustion. But that caused huge problems to this day, like mismanagement of firewalls and the need to do port-forwarding. It also broke end-to-end connectivity, which requires additional workarounds like STUN/TURN that continue to plague gamers and video conferencing software.
And because of that scarcity, it’s become a land grab where rich companies and countries hoard the limited addresses in circulation, creating haves (North America, Europe) and have-nots (Africa, China, India).
The want for v6 is technical, moral, and even economical: one cannot escape Big Tech or American hegemony while still having to buy IPv4 space on the open market. Czechia and Vietnam are case studies in pushing for all-IPv6, to bolster their domestic technological familiarity and to escape the broad problems with Business As Usual.
Accordingly, there are now three classes of Internet users: v4-only, dual-v4-and-v6, and v6-only. Surprisingly, v6-only is very common now on mobile networks for countries that never had many v4 addresses. And it’s an interop requirement for all Apple apps to function correctly in a v6-only environment. At a minimum, everyone should have access to dual-stack IP networks, so they can reach services that might be v4-only or v6-only.
In due course, the unstoppable march of time will leave v4-only users in the past.
Telstra (Australia’s largest telco) now provides IPv6-only to mobile handsets by default. They’ve deployed 464XLAT.
One thing I did is connect to the smart home (Home Assistant) and the NAS running at home. Some internet service providers don’t provide proper IPv4 addresses any more so IPv6 is the most convenient way to connect. This doesn’t require a VPN provider, though.
There are some services that you can host cheaper with ipv6 only without having to buy and attach an external ipv4 address for example. I’ve been thinking of doing that for fun.
I’m not an expert, so somebody may be able to give better responses.
It looks like IPv6 addresses have access to all 65,000 ports, whereas IPv4 addresses need to ‘forward’ them. I don’t know about other VPNs, but the one I’m using only allows forwarding 1 port at a time and I don’t get to choose it.
With IPv6, I hope to be able to have multiple ports open to make it easier to host multiple services.
Port forwarding is a function of NAT. It’s only needed because there aren’t enough ipv4 addresses for every device, so in most networks a lot of devices share a single ip and specific ports are forwarded to specific internal hosts
IPv6 has a large enough address space that this isn’t needed. You can still do it if you want. But mostly you just need a firewall without any NAT.
There’s more to it than this but you should get the idea.
That’s great and all, but how does it help with VPNs only forwarding one port?
You responded to a question with an incorrect answer. I was correcting that.
VPNs shouldn’t need to forward any ports when using ipv6. They can provide an entire ipv6 subnet to you.
Ok, just making sure.
Are you looking for a VPN or are you looking for an IPv6 tunnel broker like Hurricane Electric?
If you just want an IPv6 prefix and don’t need the encryption a VPN provides, you can use an IPv6 broker. Hurricane Electric’s broker is a popular one.
Thanks. I need encryption so that I can host anonymously.
NordVPN I believe. Also AzireVPN owned by Malwarebytes. Some others do for a fee.
