IPv6 ICMP: the solution, but do we really need it?


Slavic

Well-known member
Member
VIP
Local time
11:05 PM
Posts
218
OS
Windows 11 Pro; Windows 8.1 Pro
If you performed the IPv6 test on IPv6 test - IPv6/4 connectivity and speed test (it should be noted, there are some other IPv6 test websites), you most likely noticed that it shows your PC unreachable by ICMP protocol. This is the common result for most of Windows OS, not only 11. But the pop-up explanation says that "IPv6 relies heavily on ICMP".

In some case ICMP filtering may be performed by local router, rarely by ISP, most often by Windows Firewall. Firewall settings depend on Windows version; to enable ICMP echo in Windows 11 you need to do this:
1. Open Settings, Network & internet, Advanced network settings, Windows Firewall link (it opens Windows Security window, Firewall & network protection).
2. Open Advanced settings link (it opens Windows Defender Firewall and Advanced Security window).
3. Select Inbound Rules, then Core Networking Diagnostics - ICMP Echo Request (ICMPv6-In); there are two profiles with this name, need to select "Private, Public" profile, not "Domain". By default, this rule is disabled.
4. Open the rule window, on the General tab select Enabled, then on the Scope tab in "Remote IP address" group select "Any IP address" instead of predefined "Local subnet".
5. OK, close all opened windows.
Now you can perform the test again and it should show ICMP as Reachable.

But does this solution really improves IPv6 connectivity, for example, for better stability of VPN or other services like online videogames? Or the disadvantage in possible exposing of IPv6 address by echo reply is more significant than possible, but not very important benefits.
 

My Computer

System One

  • OS
    Windows 11 Pro; Windows 8.1 Pro
    Computer type
    PC/Desktop
    CPU
    i7-12700K (Alder Lake)
    Motherboard
    Asus PRIME Z690-M Plus D4
    Memory
    16 GB (2x8 Corsair DDR4-2132)
    Graphics Card(s)
    Asus GeForce 1050 Ti, 4 GB
    Monitor(s) Displays
    Philips 235PQ
    Screen Resolution
    1920x1080
    Hard Drives
    Windows 11: Samsung SSD 870 EVO, 500 GB (SATA), MBR
    Windows 8.1: Samsung SSD 980 PRO, 500 GB (M.2), MBR
    PSU
    Platimax D.F. 1050 W (80 Plus Platinum)
    Internet Speed
    Local link 1 Gbps, provider's line 500 Mbps
    Browser
    Google Chrome
    Other Info
    Realtek PCIe GbE Family Controller (for Windows 8.1 compatibility)
    Microsoft Office H&S 2013 x64
Good catch. On Win 10 that measurement shows as FIltered, but the overall score for my 2 PC's is the same. The VPN I use does not have IPV6 protection but has a switch for IP/DNS Protection (which disables IPV6).
No observed network or connectivity issues with Win 11 so no apparent need to enable ICMP on my PC.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    HP / Spectre x360 Convertible 13
    CPU
    i5-8250U
    Motherboard
    83B9 56.50
    Memory
    8GB
    Graphics Card(s)
    Intel(R) UHD Graphics 620
    Sound Card
    Realtek High Definition Audio(SST)
    Screen Resolution
    1920 x 1080
    Hard Drives
    Toshiba 256GB SSD
    Internet Speed
    500Mbps
    Browser
    Firefox, Edge
    Antivirus
    Windows Defender
But does this solution really improves IPv6 connectivity, for example, for better stability of VPN or other services like online videogames? Or the disadvantage in possible exposing of IPv6 address by echo reply is more significant than possible, but not very important benefits.

Yeah, at the end of the day that's my question - what's the overall benefits?
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 (Build 22631.3296)
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom built
    CPU
    Intel i9-9900K
    Motherboard
    Gigabyte Aorus Z390 Xtreme
    Memory
    32G (4x8) DDR4 Corsair RGB Dominator Platinum (3600Mhz)
    Graphics Card(s)
    Radeon VII
    Sound Card
    Onboard (ESS Sabre HiFi using Realtek drivers)
    Monitor(s) Displays
    NEC PA242w (24 inch)
    Screen Resolution
    1920 x 1200
    Hard Drives
    5 Samsung SSD drives: 2X 970 NVME (512 & 1TB), 3X EVO SATA (2X 2TB, 1X 1TB)
    PSU
    EVGA Super Nova I000 G2 (1000 watt)
    Case
    Cooler Master H500M
    Cooling
    Corsair H115i RGB Platinum
    Keyboard
    Logitech Craft
    Mouse
    Logitech MX Master 3
    Internet Speed
    500mb Download. 11mb Upload
    Browser
    Microsoft Edge Chromium
    Antivirus
    Windows Security
    Other Info
    System used for gaming, photography, music, school.
  • Operating System
    Win 10 Pro 22H2 (build 19045.2130)
    Computer type
    PC/Desktop
    Manufacturer/Model
    Custom Built
    CPU
    Intel i7-7700K
    Motherboard
    Gigabyte GA-Z270X-GAMING 8
    Memory
    32G (4x8) DDR4 Corsair Dominator Platinum (3333Mhz)
    Graphics card(s)
    AMD Radeon R9 Fury
    Sound Card
    Onboard (Creative Sound Blaster certified ZxRi)
    Monitor(s) Displays
    Dell U2415 (24 inch)
    Screen Resolution
    1920 x 1200
    Hard Drives
    3 Samsung SSD drives: 1x 512gig 950 NVMe drive (OS drive), 1 x 512gig 850 Pro, 1x 256gig 840 Pro.
    PSU
    EVGA Super Nova 1000 P2 (1000 watt)
    Case
    Phantek Enthoo Luxe
    Cooling
    Corsair H100i
    Mouse
    Logitech MX Master
    Keyboard
    Logitech MK 710
    Internet Speed
    100MB
    Browser
    Edge Chromium
    Antivirus
    Windows Security
    Other Info
    This is my backup system.
But does this solution really improves IPv6 connectivity, for example, for better stability of VPN or other services like online videogames? Or the disadvantage in possible exposing of IPv6 address by echo reply is more significant than possible, but not very important benefits.
Yeah, at the end of the day that's my question - what's the overall benefits?

According to Cloudfare (CDN provider to many websites, including this one)....

What is ICMP used for?

The primary purpose of ICMP is for error reporting. When two devices connect over the Internet, the ICMP generates errors to share with the sending device in the event that any of the data did not get to its intended destination. For example, if a packet of data is too large for a router, the router will drop the packet and send an ICMP message back to the original source for the data.

A secondary use of ICMP protocol is to perform network diagnostics; the commonly used terminal utilities traceroute and ping both operate using ICMP....

As both Tracert and Ping work fine without enabling inbound ICMP connections in the W10/W11 Firewall I see not advantage in removing the filtering, only the possibility of making your machine more exposed to others who may be trying to probe it.
 

My Computers

System One System Two

  • OS
    Windows 11 Home
    Computer type
    Laptop
    Manufacturer/Model
    Acer Aspire 3 A315-23
    CPU
    AMD Athlon Silver 3050U
    Memory
    8GB
    Graphics Card(s)
    Radeon Graphics
    Monitor(s) Displays
    laptop screen
    Screen Resolution
    1366x768 native resolution, up to 2560x1440 with Radeon Virtual Super Resolution
    Hard Drives
    1TB Samsung EVO 870 SSD
    Internet Speed
    50 Mbps
    Browser
    Edge, Firefox
    Antivirus
    Defender
    Other Info
    fully 'Windows 11 ready' laptop. Windows 10 C: partition migrated from my old unsupported 'main machine' then upgraded to 11. A test migration ran Insider builds for 2 months. When 11 was released on 5th October it was re-imaged back to 10 and was offered the upgrade in Windows Update on 20th October. Windows Update offered the 22H2 Feature Update on 20th September 2022. It got the 23H2 Feature Update on 4th November 2023 through Windows Update.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 4GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Beta as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 4GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, and Canary builds as a native boot .vhdx.
  • Operating System
    Windows 11 Pro
    Computer type
    Laptop
    Manufacturer/Model
    Dell Lattitude E4310
    CPU
    Intel® Core™ i5-520M
    Motherboard
    0T6M8G
    Memory
    8GB
    Graphics card(s)
    (integrated graphics) Intel HD Graphics
    Screen Resolution
    1366x768
    Hard Drives
    500GB Crucial MX500 SSD
    Browser
    Firefox, Edge
    Antivirus
    Defender
    Other Info
    unsupported machine: Legacy bios, MBR, TPM 1.2, upgraded from W10 to W11 using W10/W11 hybrid install media workaround. In-place upgrade to 22H2 using ISO and a workaround. Feature Update to 23H2 by manually installing the Enablement Package.

    My SYSTEM THREE is a Dell Latitude 5410, i7-10610U, 32GB RAM, 512GB ssd, supported device running Windows 11 Pro (and all my Hyper-V VMs).

    My SYSTEM FOUR is a 2-in-1 convertible Lenovo Yoga 11e 20DA, Celeron N2930, 4GB RAM, 256GB ssd. Unsupported device: currently running Win10 Pro, plus Win11 Pro RTM and Insider Beta as native boot vhdx.

    My SYSTEM FIVE is a Dell Latitude 3190 2-in-1, Pentium Silver N5030, 4GB RAM, 512GB NVMe ssd, supported device running Windows 11 Pro, plus the Insider Beta, Dev, and Canary builds as a native boot .vhdx.
As both Tracert and Ping work fine without enabling inbound ICMP connections in the W10/W11 Firewall I see not advantage in removing the filtering, only the possibility of making your machine more exposed to others who may be trying to probe it.
Although I don't have much proficiency in networking, my conclusions are nearly the same: right now there are no obvious reasons to enable ICMP for getting two extra points in results of IPv6 test.

Currently we live in the net world with mixed IPv4/IPv6 protocols, which is still mostly v4. Switching from v4 to v6 (and back) in most cases happens behind the scene, transparently for a user; in particular, v4 can work as a failsafe option. At least for PCs, which still receive IPv4 addresses, either from global or private net from ISP or local router; contrary to growing IoT devices which should use primarily IPv6 addresses because of their supposed myriads in number. Well, for PC v6 may have some advantages right now, if you install some services or apps (like streaming video or game) which demand or at least count on IPv6, but they almost certainly will add the specific rule, including ICMP support, to Windows Firewall during the installation or at the first start. And that rule will be limited to app or service only, not exposing your PC all the time.

But what was a reason to include ICMP to IPv6 tests? I think that it allows to test local network behind the PC. When you enable ICMP echo on PC, you should see it reachable if your local net devices as well as ISP don't block this protocol. If they block, need to perform some actions like enable ICMP in router or replace it to more modern device. If your test is OK, no reason to keep ICMP enabled. It's also possible to check this without modifications described in my first post, simply switching off the Windows Firewall for a few seconds.

Unfortunately, this explanation why need to enable ICMP only temporarily for testing the local network devices is not mentioned on the IPv6 test website.
 

My Computer

System One

  • OS
    Windows 11 Pro; Windows 8.1 Pro
    Computer type
    PC/Desktop
    CPU
    i7-12700K (Alder Lake)
    Motherboard
    Asus PRIME Z690-M Plus D4
    Memory
    16 GB (2x8 Corsair DDR4-2132)
    Graphics Card(s)
    Asus GeForce 1050 Ti, 4 GB
    Monitor(s) Displays
    Philips 235PQ
    Screen Resolution
    1920x1080
    Hard Drives
    Windows 11: Samsung SSD 870 EVO, 500 GB (SATA), MBR
    Windows 8.1: Samsung SSD 980 PRO, 500 GB (M.2), MBR
    PSU
    Platimax D.F. 1050 W (80 Plus Platinum)
    Internet Speed
    Local link 1 Gbps, provider's line 500 Mbps
    Browser
    Google Chrome
    Other Info
    Realtek PCIe GbE Family Controller (for Windows 8.1 compatibility)
    Microsoft Office H&S 2013 x64
Interestingly enough, I just cleanly installed Windows 11 yesterday.

183.png

So, based upon that, I suppose if it detects that IPv6 is natively supported, it enables the ICMP by default then?

Background - I know that my connection to the world via AT&T Lightspeed FttH supports IPv6, but it was disabled by default in the router. After double checking in my internal network, running on a Google WiFi network, also can support it natively, I enabled it on the Residential Gateway (AT&T's fancy word for AIO modem + router), and then enable it on my Google WiFi, and had mixed results with my old system. But since it seemed to work some times I kinda left it all enabled and forgot about it.

Now it seems that it works perfectly fine with more modern hardware - but, I'm also hardwired into the main Google WiFi puck, which has a hardline running to it from the RG, so I have full wired access to my connection, versus using WiFi. Technically, I could check via WiFi, but the results should be no different, since my wired connection is routed through the Google WiFi puck, and Google WiFi is handling the DHCP and DNS, as that is how I've set it up.


I'm kinda giggling, though, that they are docking points for me not having a unique identifier (aka hostname) for my computer - and because of the fallback to IPv4 is set too ... fast?

Because, yeah, I want everyone to be able to identify me and my unique machine even more so than they already can through my browser, thanks! Oh, and failsafes? We don' need no stinkin' failsafes!

Sigh.
 

My Computers

System One System Two

  • OS
    Windows 11 23H2 Current build
    Computer type
    PC/Desktop
    Manufacturer/Model
    HomeBrew
    CPU
    AMD Ryzen 9 3950X
    Motherboard
    MSI MEG X570 GODLIKE
    Memory
    4 * 32 GB - Corsair Vengeance 3600 MHz
    Graphics Card(s)
    EVGA GeForce RTX 3080 Ti XC3 ULTRA GAMING (12G-P5-3955-KR)
    Sound Card
    Realtek® ALC1220 Codec
    Monitor(s) Displays
    2x Eve Spectrum ES07D03 4K Gaming Monitor (Matte) | Eve Spectrum ES07DC9 4K Gaming Monitor (Glossy)
    Screen Resolution
    3x 3840 x 2160
    Hard Drives
    3x Samsung 980 Pro NVMe PCIe 4 M.2 2 TB SSD (MZ-V8P2T0B/AM) } 3x Sabrent Rocket NVMe 4.0 1 TB SSD (USB)
    PSU
    PC Power & Cooling’s Silencer Series 1050 Watt, 80 Plus Platinum
    Case
    Fractal Design Define 7 XL Dark ATX Full Tower Case
    Cooling
    NZXT KRAKEN Z73 73.11 CFM Liquid CPU Cooler (3x 120 mm push top) + Air 3x 140mm case fans (pull front) + 1x 120 mm (push back) and 1 x 120 mm (pull bottom)
    Keyboard
    SteelSeries Apex Pro Wired Gaming Keyboard
    Mouse
    Logitech MX Master 3S | MX Master 3 for Business
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
    Browser
    Nightly (default) + Firefox (stable), Chrome, Edge
    Antivirus
    Defender + MB 5 Beta
  • Operating System
    ChromeOS Flex Dev Channel (current)
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E5470
    CPU
    Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2501 Mhz, 2 Core(s), 4 Logical Processor(s)
    Motherboard
    Dell
    Memory
    16 GB
    Graphics card(s)
    Intel(R) HD Graphics 520
    Sound Card
    Intel(R) HD Graphics 520 + RealTek Audio
    Monitor(s) Displays
    Dell laptop display 15"
    Screen Resolution
    1920 * 1080
    Hard Drives
    Toshiba 128GB M.2 22300 drive
    INTEL Cherryville 520 Series SSDSC2CW180A 180 GB SATA III SSD
    PSU
    Dell
    Case
    Dell
    Cooling
    Dell
    Mouse
    Logitech MX Master 3S (shared w. Sys 1) | Dell TouchPad
    Keyboard
    Dell
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
OK, here are my test results (with local addresses removed, of course):

ipv6test.png
I enabled ICMP for this test to get maximum possible points, 19 of 20. My PC doesn't have IPv6 hostname, in theory I could get one using one of dynamic DNS services, but it was never supposed to work as a server and become reachable from the outside. Yes, some people keep home servers with remote access to docs, media files, home devices from outside, but it's not my case. IPv6 also was not enabled in my router by default, I had to switch the protocol manually to IPv4/v6. After that, all works well.

Fallback in 1 second is a feature of web browser, Google Chrome 93; Edge shows the same 1 sec. If you repeat the test, the result may be improved. If not, it's a Windows or maybe a network problem (never solved this yet).

Why your ICMP test was not performed? The port may be blocked by ISP or router, to check this, you can do the same test using Wi-Fi connection and/or using other PC or mobile device. Sure, you don't need ICMP for common work, only if you will install a specific service in the future...
 

My Computer

System One

  • OS
    Windows 11 Pro; Windows 8.1 Pro
    Computer type
    PC/Desktop
    CPU
    i7-12700K (Alder Lake)
    Motherboard
    Asus PRIME Z690-M Plus D4
    Memory
    16 GB (2x8 Corsair DDR4-2132)
    Graphics Card(s)
    Asus GeForce 1050 Ti, 4 GB
    Monitor(s) Displays
    Philips 235PQ
    Screen Resolution
    1920x1080
    Hard Drives
    Windows 11: Samsung SSD 870 EVO, 500 GB (SATA), MBR
    Windows 8.1: Samsung SSD 980 PRO, 500 GB (M.2), MBR
    PSU
    Platimax D.F. 1050 W (80 Plus Platinum)
    Internet Speed
    Local link 1 Gbps, provider's line 500 Mbps
    Browser
    Google Chrome
    Other Info
    Realtek PCIe GbE Family Controller (for Windows 8.1 compatibility)
    Microsoft Office H&S 2013 x64
I did not manually enable ICMP, and I'm wondering if it is because I am (pretty much) double NATd - I have my Google WiFi inside of my AT&T RG, and I did not perform any port forwarding / bridging / etc between the RG and the GW, so that GW gets an IP from the RG and all my systems get an IP from the GW. So, being double NATd, I suspect that may be why it doesn't bother to check ICMP. Of course, I amy be wrong, that may have no effect on it - this setup certainly has no effect on anything else I do, so....

As for the fallback - I use Firefox. so it's 7. I suppose I could change that if need be - but I'm not enabling ICMP for nothing. I don't need a high score, I need it to work first and foremost - and it does work as things stand right now exactly as I have it set up.

So, if it is not broken, I'm not going to try to fix it. :wink:
 

My Computers

System One System Two

  • OS
    Windows 11 23H2 Current build
    Computer type
    PC/Desktop
    Manufacturer/Model
    HomeBrew
    CPU
    AMD Ryzen 9 3950X
    Motherboard
    MSI MEG X570 GODLIKE
    Memory
    4 * 32 GB - Corsair Vengeance 3600 MHz
    Graphics Card(s)
    EVGA GeForce RTX 3080 Ti XC3 ULTRA GAMING (12G-P5-3955-KR)
    Sound Card
    Realtek® ALC1220 Codec
    Monitor(s) Displays
    2x Eve Spectrum ES07D03 4K Gaming Monitor (Matte) | Eve Spectrum ES07DC9 4K Gaming Monitor (Glossy)
    Screen Resolution
    3x 3840 x 2160
    Hard Drives
    3x Samsung 980 Pro NVMe PCIe 4 M.2 2 TB SSD (MZ-V8P2T0B/AM) } 3x Sabrent Rocket NVMe 4.0 1 TB SSD (USB)
    PSU
    PC Power & Cooling’s Silencer Series 1050 Watt, 80 Plus Platinum
    Case
    Fractal Design Define 7 XL Dark ATX Full Tower Case
    Cooling
    NZXT KRAKEN Z73 73.11 CFM Liquid CPU Cooler (3x 120 mm push top) + Air 3x 140mm case fans (pull front) + 1x 120 mm (push back) and 1 x 120 mm (pull bottom)
    Keyboard
    SteelSeries Apex Pro Wired Gaming Keyboard
    Mouse
    Logitech MX Master 3S | MX Master 3 for Business
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
    Browser
    Nightly (default) + Firefox (stable), Chrome, Edge
    Antivirus
    Defender + MB 5 Beta
  • Operating System
    ChromeOS Flex Dev Channel (current)
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E5470
    CPU
    Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2501 Mhz, 2 Core(s), 4 Logical Processor(s)
    Motherboard
    Dell
    Memory
    16 GB
    Graphics card(s)
    Intel(R) HD Graphics 520
    Sound Card
    Intel(R) HD Graphics 520 + RealTek Audio
    Monitor(s) Displays
    Dell laptop display 15"
    Screen Resolution
    1920 * 1080
    Hard Drives
    Toshiba 128GB M.2 22300 drive
    INTEL Cherryville 520 Series SSDSC2CW180A 180 GB SATA III SSD
    PSU
    Dell
    Case
    Dell
    Cooling
    Dell
    Mouse
    Logitech MX Master 3S (shared w. Sys 1) | Dell TouchPad
    Keyboard
    Dell
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
I would assume that if it was important, remembering that MS is all for iPV6, it wouldn't be filtered by the firewall, so leaving well alone.
 

My Computers

System One System Two

  • OS
    Windows 11 22H2 OS Build 22623.1095
    Computer type
    PC/Desktop
    Manufacturer/Model
    Self Build
    CPU
    AMD Ryzen 7 3800X
    Motherboard
    Asus PRIME B350-PLUS
    Memory
    16GB Corsair Vengeance LPX DDR4 @3000Mhz
    Graphics Card(s)
    ASUS - GeForce RTX 3070 Ti 8 GB TUF GAMING OC
    Sound Card
    On Board Realtec
    Monitor(s) Displays
    Acer KA241
    Screen Resolution
    1920 x 1080 @60Hz
    Hard Drives
    240GB PNY CS900 SSD - OS
    2 x 1TB Crucial MX500 SSD
    1 x 500GB Crucial MX300 SSD
    2TB Seagate ST2000DM001-1ER164
    2TB Seagate ST2000DM008-2FR102
    PSU
    750 Watt Corsair TX750 Plus
    Case
    Cooler Master 690 III
    Cooling
    Akasa AK98 5 Case Fans
    Keyboard
    Logitech K270 - wireless
    Mouse
    Logitech - M185 wireless
    Internet Speed
    BT Fibre 75 Mbps
    Browser
    Firefox
    Antivirus
    Windows Defender
    Other Info
    Use hardware KVM to switch monitors on three PCs and software (input director) to use mouse and keyboard on all 4 PCs.
  • Operating System
    Windows 11 Pro 22H2 build 22621.900
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Inspiron 3881 - modified with SFX PSU fitted internally
    CPU
    Intel i5 - 10400
    Motherboard
    Dell 032w55 version A00
    Memory
    16GB of HyperX Fury @ 2133 Mhz
    Graphics card(s)
    EVGA 6GB GTX 1060.
    Sound Card
    Builtin
    Monitor(s) Displays
    ACER KA241
    Screen Resolution
    1920x 1080 @60Hz
    Hard Drives
    256GB SK hynix NVMe
    1TB Western Digital WD10EZEX-75WN4A1
    PSU
    Modular 450 Watt Corsair SF450 Platinum ( Mod to replace the Dell 265 Watt PSU)
    Case
    Inspiron Small Desktop
    Cooling
    Dell stock cooler
    Mouse
    Dell
    Keyboard
    Dell
    Internet Speed
    BT Fibre 75 Mbps
    Browser
    Firefox
    Antivirus
    Windows Defender
    Other Info
    Use hardware KVM to switch monitors on three PCs and software (input director) to use mouse and keyboard on all 4 PCs.
I will await until it becomes an issue but TFHU
 

My Computer

System One

  • OS
    win11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Me
    CPU
    i9 10850
    Motherboard
    MS-7C75
    Memory
    16GB
    Graphics Card(s)
    nVIDEA Geoforce 3070
    Sound Card
    Onboard
    Monitor(s) Displays
    Samsung 55inch TV
    Screen Resolution
    3040 X 2160
    Hard Drives
    6TB over 4 drives
    Case
    generic
    Cooling
    water cooled
    Keyboard
    generic
    Mouse
    generic
    Internet Speed
    500mb
    Browser
    various
    Antivirus
    ATM Bitdefender
Interestingly enough, I just cleanly installed Windows 11 yesterday.

View attachment 7748

So, based upon that, I suppose if it detects that IPv6 is natively supported, it enables the ICMP by default then?
Did you click on the hamburger by the score?

Screenshot 2021-09-13 194345.png
 

My Computers

System One System Two

  • OS
    Windows 11 Pro x64
    Computer type
    PC/Desktop
    Manufacturer/Model
    DIY Photoshop/Game/tinker build
    CPU
    Intel i9 1300KS
    Motherboard
    Asus ROG Maximus Z90 Dark Hero
    Memory
    64GB (2x32) G.skill Trident Z5 RGB 6400 MHZ 32-39-39
    Graphics Card(s)
    Asus ROG Strix 4070 Ti OC
    Sound Card
    Onboard Audio, Vanatoo Transparent One; Klipsch R-12SWi Sub; Creative Pebble Pro Minimilist
    Monitor(s) Displays
    Eizo CG2730, ViewSonic VP2768
    Screen Resolution
    2560 x 1440p x 2
    Hard Drives
    WDC SN850 1TB nvme, SK-Hynix 2 TB P41 nvme, Raid 0: 1TB 850 EVO + 1TB 860 EVO SSD. Sabrent USB-C DS-SC5B 5-bay docking station: 6TB WDC Black, 6TB Ironwolf Pro; 2x 2TB WDC Black
    PSU
    850W Seasonic Vertex PX-850
    Case
    Fractal Design North XL Mesh, Black Walnut
    Cooling
    EKWB 360 Nucleus Dark AIO w/Phanteks T30-120 fans, 1 Noctua NF-A14 Chromax case fan
    Keyboard
    Glorious GMMK TKL mechanical, lubed modded
    Mouse
    Logitech G305 wireless gaming
    Internet Speed
    380 Mb/s down, 12 Mb/s up
    Browser
    Firefox
    Antivirus
    Defender, Macrium Reflect 8 ;-)
  • Computer type
    Laptop
    Manufacturer/Model
    Apple 13" Macbook Pro 2020 (m1)
    CPU
    Apple M1
    Screen Resolution
    2560x1600
    Browser
    Firefox
No. My score today is 17, and ICMP is supposedly being filtered. And I'm fine with that.
 

My Computers

System One System Two

  • OS
    Windows 11 23H2 Current build
    Computer type
    PC/Desktop
    Manufacturer/Model
    HomeBrew
    CPU
    AMD Ryzen 9 3950X
    Motherboard
    MSI MEG X570 GODLIKE
    Memory
    4 * 32 GB - Corsair Vengeance 3600 MHz
    Graphics Card(s)
    EVGA GeForce RTX 3080 Ti XC3 ULTRA GAMING (12G-P5-3955-KR)
    Sound Card
    Realtek® ALC1220 Codec
    Monitor(s) Displays
    2x Eve Spectrum ES07D03 4K Gaming Monitor (Matte) | Eve Spectrum ES07DC9 4K Gaming Monitor (Glossy)
    Screen Resolution
    3x 3840 x 2160
    Hard Drives
    3x Samsung 980 Pro NVMe PCIe 4 M.2 2 TB SSD (MZ-V8P2T0B/AM) } 3x Sabrent Rocket NVMe 4.0 1 TB SSD (USB)
    PSU
    PC Power & Cooling’s Silencer Series 1050 Watt, 80 Plus Platinum
    Case
    Fractal Design Define 7 XL Dark ATX Full Tower Case
    Cooling
    NZXT KRAKEN Z73 73.11 CFM Liquid CPU Cooler (3x 120 mm push top) + Air 3x 140mm case fans (pull front) + 1x 120 mm (push back) and 1 x 120 mm (pull bottom)
    Keyboard
    SteelSeries Apex Pro Wired Gaming Keyboard
    Mouse
    Logitech MX Master 3S | MX Master 3 for Business
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
    Browser
    Nightly (default) + Firefox (stable), Chrome, Edge
    Antivirus
    Defender + MB 5 Beta
  • Operating System
    ChromeOS Flex Dev Channel (current)
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E5470
    CPU
    Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2501 Mhz, 2 Core(s), 4 Logical Processor(s)
    Motherboard
    Dell
    Memory
    16 GB
    Graphics card(s)
    Intel(R) HD Graphics 520
    Sound Card
    Intel(R) HD Graphics 520 + RealTek Audio
    Monitor(s) Displays
    Dell laptop display 15"
    Screen Resolution
    1920 * 1080
    Hard Drives
    Toshiba 128GB M.2 22300 drive
    INTEL Cherryville 520 Series SSDSC2CW180A 180 GB SATA III SSD
    PSU
    Dell
    Case
    Dell
    Cooling
    Dell
    Mouse
    Logitech MX Master 3S (shared w. Sys 1) | Dell TouchPad
    Keyboard
    Dell
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
Allowing incoming ICMPv6 echo requests is fine. The main risk you run if you allow them in is that if someone finds a stable (non-temporary/privacy) address for e.g. your laptop then they can keep pinging it to see when it's switched on. That might be considered a privacy risk. They'll have to find such an address first though, because for outgoing connections it will use its temporary privacy addresses.

While IPv4 and fallback is still mainstream ICMP is not vital to continued operation, but going forward "if/as" site's and programs begin to use IPv6 as the main with less and less IPv4 as fall back it might become more of an issue. The IPv6 equivalent of ARP is neighbour-discovery, which uses ICMP packets as well. The stateless auto configuration is part of neighbour discovery, so also needs ICMP. So it is not just error reporting.

From what I have been reading and several papers published Filtering at Firewall level (ISP/server/home) is recommended, so that you receive, error messages (there is an advanced windows firewall setting to allow ICMPv6 echo requests on your private network(disabled as default)) , but drop messages that are potential security risks.

I feel that the option is there in both the test, and in windows for those people working on IPv6 only networks, where its operation is needed, and so disabled as default due to most current routers/homes etc just not being setup to handle IPv6 only networks and more importantly security. Still lots to learn for me, but working my way through it.

There is a pretty heavy read on the subject here RFC 4890: Recommendations for Filtering ICMPv6 Messages in Firewalls (good luck with it, it is interesting)

As to your question about helping with gaming and VPN's, I just don't think Games and services are leaning on IPv6 and its feature set enough for it to be an issue for them at the moment, there are still routers out there with either No Ipv6 support or with it disabled as default, and people just don't know, or care as long as it is working.

Hope this helped @Slavic
 

My Computer

System One

  • OS
    Windows 11 Pro

Latest Support Threads

Back
Top Bottom