Tata Sky Broadband: Static IPV6 - Unable to Configure

S

shankar29

Messages
28
Location
NA
ISP
BSNL
Hi,
I have subscribed to Tata Sky Broadband and asked them to activate StatiC IPv6. It was activated, they changed the IPv6 to be issued through Prefix Delegation and the router showed an assignment of a /64 prefix.

XuuLOaU.png


I have been automatically assigned an IP from the given range. Further, I can also see that im issued a static public routable IPv6 address.
2Vm3iYN.png


However, I am unable to ping the same IP address from the internet ( i have disabled firewall, security settings on the router as well as windows firewall) still not able to ping. is anyone facing the same problem? Need help!!!

HbN8B05.png
 
Can you show traceroute to your public IPv6?
 
Hey Thanks for the reply, It seemed to be an issue with the ISP. They have rectified it after I raised a ticket 🙏
 
@shankar29 what was the reason to go in for an IPv6 address? Static addresses are prone to hack attacks. It is better you opt for a dynamic address for security reasons.
 
@C3PO: Just curious, static IPs are more prone to scan bots obviously but with increasing deployment of IPv6 everybody is either given static or a dynamic IP which doesn't change much on restart(due to mass availability of IPs)

so for how long will this arguement work that dynamic is more secure for average home user?
 
ok I undestand static IP part but these days even after multiple restarts we get same dynamic IP?
 
@Realme I will continue to prefer dynamic over static even though I may have a decent firewall/IPS in place. As for IPv6, when using a VPN they disable IPv6 anyways. So currently my preference is dynamic IPv4.

What are your thoughts about this 'argument' i.e. the pros and cons? I'd like to hear them!

Realme said:
ok I undestand static IP part but these days even after multiple restarts we get same dynamic IP?
Click to expand...

It all depends on how the DHCP server is configured. Each MAC address is assigned an unused IP address randomly from the range for that subnet. That IP remains valid for a number of day(s) and can be repeated ad nauseum. The best part of CG NAT is nobody can trace the traffic to you via a shared IP..ditto with shared VPN IPs. Though some of my VPN providers can assign static I prefer not to opt for them for this very reason.
 
Last edited:
Realme said:
ok I undestand static IP part but these days even after multiple restarts we get same dynamic IP?
Click to expand...

Depends on backend configuration. In India, in 90% of the cases, we get a new dynamic IP upon restart. Rarely, ONT / server is configured to provide the same IP to a particular mac for certain number of hours or days.
 
@C3PO : I am too much of a noob to contribute to arguments, so I only asked it to hear/learn from experts here

Maybe what I said is weak on my end and not every provider retains the dynamic IP Over multiple restarts.

I think with respect to Indian ISPs/LCO who provides those cheap generic chinese ONTs/routers the static vs dynamic thing fizzles out as unlike pfSense stuff, they are not upgraded (except when everything went down with BSNL network) and I have linked a POC for GPON router exploit earlier here.

No matter how well protected C3PO's kingdom is, it only takes other plebs to be infected and take the network down with them.

Gaming especially multi-player gaming fever is on rise in India, a long time ago I visited some game-hacking forums and they were literally a full of vulnerability /exploits in the game stack/drivers, a lot of games uses UPnP and the attack surface of games are quite wide.

So rather than going round about the same point, I just feel strongly that these days Dynamics vs Static or just dynamic alone doesn't have good pay offs in terms of security or cost to user/maintainer(ISP), I might be be wrong because this is just an opinion without any experience behind it, so feel free to correct me.
 
@Realme no matter what kind of appliance you use, no network is 100% safe from hackers. Even secret service agencies and the best protected Corporations/Companies in the world lose their business secrets to black hats. The common link? Static router or network gateway WAN IPs.

So the idea is to keep as safe as possible using sensible and implementable 'best practices' if I may call them that for us home users, not that we have national secrets or anything but trojans and ransomware should be of particular concern to us all.

Also, the kind of routers that are installed by ISPs have very basic protection (firewalls) and if possible one should delineate the network 'responsibilities/roles' to different boxes to prevent a single point of failure for e.g via a hardware problem (I had to recover one of my AC APs from a brick state last week), router hijack/malware etc. I also set the router to switch off WiFi radios from 1 am to 6 pm, reduce tranceiver signal strength for a deliberately limited range, automatically set routers to reboot every few days, backup router configurations among other things that could be done by anybody with some interest and basic knowledge in this subject. Hence I prefer a box to handle my firewall/IDS/IPS/WAN PPPoE authentication, and no home grade WiFi routers are good enough ever since I transitioned to pfSense >4 years ago.
 
Last edited:
Thats is the zen of Computer Security, I meant to ask in terms of cost/economic impact.

Does static vs dynamic arguement in terms of security and cost associated with it has significant impact nowadays?
 
Economic impact on whom? The user or the ISP? I don't think there's much of a cost differential if any to assign a static IP from a CG NATed address to a subscriber. Many ISPs charge extra..possibly only to discourage static IPs as they are then removed from a shared pool. Well, I mean if you MUST have a static address, suit yourself..but as I said before I prefer avoiding them.
 
On average how many attacks have you dealt with/detected per month on your overall home network?
 

Similar threads

MikeHolmes
Questions for existing Tata Sky Broadband users
Replies
2
Views
1,740
Rock990
ATX
ACT Fibernet Static IP Performance
2
Replies
27
Views
17,906
RedskyITM
madhusudhan7
Review on Tata Sky+ HD True VOD Service (Download Content Via Broadband Internet on Lan Port)
2 3 4 5
Replies
63
Views
21,801
dyna
S
  • Locked
Tata Broadband and Belkin Wireless router
Replies
2
Views
6,215
y2s
Top