I usea Netgear router too (R 7000) which did not work with IPv6. It is a firmware issue, after much to-ing and fro-ing with Netgear support they eventually sent me a beta firmware which works fine with IPv6 in a proper dual stack way. However even though it is many months since I was sent that beta firmware they have still not incorporated the fix into any standard firmware update. They don't seem to care about IPv6 working properly.

They will most probably just release a new router with IPv6 support and use that as a selling point.

Paul

LOL
All the existing Netgear routers say they are compatible with IPv6 so I can just see the advert now:
"Unlike all our other routers which claim to have IPv6 compatibility this new one actually works!"
Netgear can't be expected to rush into these new fangled things either, after all it is only 18 years since IPv6 was ratified. It seems they also can't be expected to fully test their routers before release!

I don't understand the enthusiasm for IPV6 amongst SMB & residential end users, unless ISP's are going to take responsibility for traffic monitoring, network security (including the 'other' side of CPE) and training, it's a security nightmare just waiting to happen - imagine the average user having to secure their 'built-to-a-price' ISP supplied router and having every device easily and uniquely identifiable on 'the internet'...
Yes, it will be possible to use a 6to4 NAT to maintain a degree of usability on the 'local' network, unless the hidden v6 address space is secured, it will be entirely possible for traffic to breeze in and out of the local network entirely un-noticed...
https://ittrainingsolutions.com/ipv6/move-to-ipv6-br...
https://www.sophos.com/en-us/security-news-trends/se...
http://www.networkworld.com/article/2171504/tech-pri...

In reply to a post by 10forcash:

it's a security nightmare just waiting to happen

BT and Sky have deployed their routers with an IPv6 firewall enabled, which means that IPv6 connections to devices are no less secure than IPv4. In the same way that you must configure port forwarding for a device to listen to the internet on IPv4, it is necessary to configure the IPv6 firewall to allow an incoming connection too.

Working on a friends Infinity 4 under pfSense.

If it's 'as secure' as ISP's IPv4 firewall implementation, then my point you quoted still stands. What you fail to recognise is that with IPv4, it is easy to harvest a devices MAC and NAT'ed IP address, with IPv6, the harvested IP address will be the devices global address, which makes it far easier to target.
I will only allow IPv6 on airgapped (from other internal and all external) systems until all the weaknesses are known and counterable, until then LAN's will remain IPv4 only and border routers will function as '6to4' stacks.
I do look forward to hearing from early adopters experiences though, you are my guinea pigs!

In reply to a post by 10forcash:

it is easy to harvest a devices MAC and NAT'ed IP address, with IPv6, the harvested IP address will be the devices global address, which makes it far easier to target.

IPv6 devices by default use temporary addresses which means they change regularly, minimising the "harvesting" as you call it. But since the incoming connections are firewalled at the router, it's no issue anyway.

They're temporary but predictable - otherwise there would be potential address conflicts globally. ISP router firewalls by default allow all traffic out, so it's perfectly possible (as it is with IPv4) to inject malicious traffic into a genuine response - something a basic firewall cannot protect against. I have yet to see a SPI solution that is fully interoperable with IPv6 traffic in both directions - and I include commercial equipment in that. So all in all, I only see downsides in the current implementation of public IPv6 addressing, IPv4 address space is (or can be) easily securable from layer2 upwards using mature and well understood methods, IPv6 is too immature to be used as a secure, trusted transport mechanism - both for commercial and consumer data, your data might not be worth 'as much' as harvested commercial data, unless it's your data of course, in which case it's invaluable and a PITA to recover and secure after the event.
So why the headlong rush? I fail to see any benefit to the end user.

In reply to a post by 10forcash:

So why the headlong rush?

"Rush"? You're joking, right? IPv6 became a recognised standard almost 18 years ago. The whole industry has been dragging its heels for far too long getting IPv6 implemented, this all should have been sorted long in advance of IPv4 address exhaustion. Thank goodness major UK ISPs are finally taking it seriously.