Searching for "ipv6" on Release Notes:

• Omada Hardware Controller V5.3.2 (Released on July 25, 2022)

  • 0 results

• Omada Software Controller_V5.4.6_Linux (Released on July 29, 2022)

  • 0 results

JoaoPTaveira wrote

Searching for "ipv6" on Release Notes:

 

• Omada Hardware Controller V5.3.2 (Released on July 25, 2022)

  • 0 results

 

• Omada Software Controller_V5.4.6_Linux (Released on July 29, 2022)

  • 0 results

• Omada Software Controller_V5.6.3 Has Been Released on Oct 24th, 2022

  • 1 results

• Omada Software Controller_V5.7.4 (Released On November 21st, 2022)

  • 0 results
    

• Omada Software Controller_V5.8.4_Windows (Released on Jan 6, 2023)

  • 0 results
    

Omada Software Controller_V5.8.4_Windows (Released on Jan 6, 2023)

• 0 results

 

 

 

  @JoaoPTaveira Could someone explain to me the (non-referenced) claim I often see from a few users about Omada and the router not having a IPv6 firewall?  Even yesterday on Reddit there was someone claiming that in Omada all the IPv6 ports are wide open and with no blocks.  I've done multiple IPv6 port scans from outside websites to my connection, all came back Stealth.

Isn't 6to4 Tunnel in the IPv6 WAN settings the same as NAT-PT (just without a Cisco name)?

As far as not finding IPv6 in the Omada release notes, I'd think that is because it's added at the router level.  For the most part (for the router), the controller keeps a database of settings, and makes sure the configuration on equipment is correct.  The router is the one with the software to do the routing.  Did TPLink just simply state, "Add support for IPv6" in the 2021 firmware update (yeah that's a bit sparse on the description) but I've taken it that since that release, each new feature added has been for both IPv4 and IPv6, and for the most part that has been true.  Almost all IP input boxes today are able to have either version put into the box, the only exceptions really left are the IP Groups and IP-MAC binding.

Yes would be nice to be able to select IPv6 for view in the analytics and client lists, but more importantly, MAC is available (and I think they need to add local IPv6 ranges to the DHCP).

I have a lot more to learn on IPv6 (like i'm not sure how VLANs work in IPv6), but I don't understand how the same two year old talking points against Omada and IPv6 keep coming up.

Maybe my view is skewed since I have ER7206, which has seemed to have a lot less trouble than the ER605v1

JoeSea wrote

> Could someone explain to me the (non-referenced) claim I often see from a few users about Omada and the router not having a IPv6 firewall?

There are claims about Omada Controller not providing IPv6 Firewall because there's no way to set it up.

> Isn't 6to4 Tunnel in the IPv6 WAN settings the same as NAT-PT (just without a Cisco name)?  

I think you were mislead on the subject due to acronyms and terminology. It happens.

Anyway, the answer is no. Forget terminologies, acronyms and vendors names. Follow the standards.

Don't be confused about NAT-PT with NAT-NPt.

RFC3056 - Connection of IPv6 Domains via IPv4 Clouds 

RFC2766 - Network Address Translation - Protocol Translation (NAT-PT) 

In IPv6 networking, the address space is so huge that you don't need to reuse local address spaces like 10./8 or 192.168.X.0/24 in several departments, buildings, campi, sites, within the same organization in a same country or not. You can setup a quite simple address allocation for a large enterprises and keep firewalls and routing rules easy to manage without the complexity of IPv4 routing and tunneling between sites, backbones and infrastructures. The only issue is the prefix of your address space. Depending of the your ISP, the IPv6 prefix of your address space is different. You could have several internet connections from different ISPs, so different IPv6 prefixes to route your traffic. So, instead of setup everything with some fixed prefix of some ISP, you use a special address space (ULA) inside your network and translate only the prefix.

This is called NAT-NPt.

RFC6296 - IPv6-to-IPv6 Network Prefix Translation 

RFC7157 - IPv6 Multihoming without Network Address Translation

> Almost all IP input boxes today are able to have either version put into the box, the only exceptions really left are the IP Groups and IP-MAC binding.

This could be the answer to your first question, right?

> I have a lot more to learn on IPv6 (like i'm not sure how VLANs work in IPv6), but I don't understand how the same two year old talking points against Omada and IPv6 keep coming up.

VLANs and IPv6 are protocols/mechanisms that work in different scopes, contexts or.. using the correct terminology, they work in different layers.

en.wikipedia.org/wiki/OSI_model

Cheers

Omada Software Controller_V5.9.9_Windows (Released on Feb 22, 2023)

• 9 results (Yey!!!)

3. Added support for the following IPv6 features, all of which require firmware updates for Omada devices:

• Omada EAPs and Switches obtain IPv6 addresses.
• Display the IPv6 addresses of clients reported by Omada EAPs and Switches.
• MLD Snooping and Legal DHCPv6 Server for Omada Switches.
• Switch and EAP ACLs support IPv6.
• EAP URL Filtering supports IPv6.
• IPv6 Static Route for Omada Switches.
• IPv6 Group and IPv6-Port Group.