Geekzone: technology news, blogs, forums
michaelmurfy
  #3265607 28-Jul-2024 18:59

Spaghetti:

 

Adding latency and a third party service

 

Vs

 

Securing each system properly in the first place

 

I know which option I choose

 

With me having a full Cybersecurity background I know what option I'll choose here and I do so - Cloudflare Zero Trust Tunnels.

 

The point of presence is either in Auckland or Christchurch so with a webapp the latency added is bugger all...

 

I still secure things properly but using a tunnel to a security platform is also much more secure than exposing a service directly to the internet.





Michael Murphy | https://murfy.nz
Opinions are my own and not the views of my employer.




Spaghetti
  #3265610 28-Jul-2024 19:12

michaelmurfy:

 

With me having a full Cybersecurity background I know what option I'll choose here and I do so - Cloudflare Zero Trust Tunnels.

 

 

Because nothing says "I'm a cybersecurity expert" like letting another company MITM all your traffic.


freitasm
  #3265613 28-Jul-2024 19:41

That escalated quickly.

I trust @MichaelMurfy's credentials in this topic.





 




zespri
  #3265619 28-Jul-2024 21:15

So in terms of fact checking here, can Cloudflare see traffic inside Cloudflare Zero Trust Tunnels in unencrypted form if they wish to? A brief internet research suggests that yes, they can. Can you confirm this is your understanding too @michaelmurfy? Totally understand if that does not bother you, purely checking that we are on the same page fact-wise.


michaelmurfy
  #3265629 28-Jul-2024 22:38

@zespri yes, but I trust them. Most WAF / Cybersecurity platforms need to inspect traffic to secure it. Banks, and even the govt use Cloudflare and similar products and those platforms have very very strict policies around data. 

 

Sure, there are local appliances and applications that can do similar (eg, I also use a Fortigate) but where I can I prefer to only open ports to the internet when I absolutely need to. 

 

This is however quite off topic but is a good recommendation to somebody on CG-NAT also if they wish to host anything. 







gzjdoe

  #3265997 29-Jul-2024 18:08

Back on topic a bit. 😊

I’m looking at quic and one of the questions is whether I want a VLAN id on my connection or leave it untagged.

Should I assign any ID or does it not make a difference if it’s untagged? It’s the only thing about their service that is above my understanding (I do segment my LAN with VLAN IDs and subnets, but don’t know why I should do it for the WAN).

 
 
 

freitasm
  #3265999 29-Jul-2024 18:12

Some New Zealand ISPs use VLAN ID 10 on the WAN side. Depending on who you are with at the moment, and if you are using DHCP, you could ask Quic for the same VLAN configuration and the connection would just switch over when it's transitioned to Quic.

 

Otherwise, you can manually update your router when the time comes.






 


zespri
  #3266002 29-Jul-2024 18:24

As freitasm says, the only reason for a tag is if you already have one and do not want to change this bit of configuration for the transition.


michaelmurfy
  #3266015 29-Jul-2024 18:29

I’d say just keep it the same as your previous ISP. 

 

So if you’re moving from an ISP that has it tagged then have it tagged still. It means that when the change over happens your connection will likely just change over at the same time then you can clean up settings straight after. 







gzjdoe

  #3266019 29-Jul-2024 18:57

zespri:

 

As freitasm says, the only reason for a tag is if you already have one and do not want to change this bit of configuration for the transition.

 

 

Awesome, thanks everyone. Changing the config in my unifi router is simple but if I can make it simpler even better. I was worried if I had any benefits (performance/security/etc) to consider that I didn't know about.


Delorean
  #3266021 29-Jul-2024 19:15

In terms of tagging vs no tagging, are there any technical reasons or advantages either way?

My understanding is the main reason was for priority of voice services for the major ISPs back when fibre was introduced?







 
 
 

Handle9
  #3266065 29-Jul-2024 22:39

freitasm:

 

gzjdoe:

Thanks, yeah I’m aware of all of the above. But keen to do it with my own domain and fixed IP. Just taking it a different path, hence why I’m keen to get a static IP.

 

 

I use IPv6 and self-host a lot of stuff, mostly Docker containers on my NAS but some other stuff too.

 

There's no way I would expose any of it to the Internet. It's just asking for trouble.

 

IPv6 or not, just use Cloudflare Tunnels and Cloudflare Zero Trust Applications to manage access to the services you put out there.

 

 

You can't do that with Jellyfin, it'll get you banned. Immich it works well.


freitasm
  #3266066 29-Jul-2024 22:41

Correct. Streaming is not an acceptable use of Cloudflare Edge without the proper package added.





 


Greendrake
  #3279105 5-Sep-2024 03:25

MaxineN: Almost every ISP to my knowledge except Spark supports IPv6.

 

I am on Zeronet trying to figure out if it is supported. This question in their FAQ implicitly means that it probably is: "IPv6 Settings (OPTIONAL if your router supports it)"

 

The fibre box (ONT 300 a.k.a. Nokia G-140W-C) has all IPv6-related settings disabled though (which I guess means they are locked by the ISP):

 

 

 

Their support has been ignoring me. Does anyone know if they support it?


michaelmurfy
  #3279164 5-Sep-2024 08:39

Greendrake:

 

MaxineN: Almost every ISP to my knowledge except Spark supports IPv6.

 

I am on Zeronet trying to figure out if it is supported.

 

Their support has been ignoring me. Does anyone know if they support it?

 

That's a bit of a worry... ONT RGW mode is getting decommissioned on the 31st of October. I'm surprised they have not migrated you yet.

 

You need to contact them and use your own router, however contacting them is difficult from what I've seen on threads on here and also from what I've seen from other customers, support is essentially not there at all.






