I have a question about security considerations regarding temporary IPv6. Now with native IPv6 I got each device directly accessible from the internet at its DHCPv6 IP (if it wasn't all blocked by the routers firewall which is good)
Anyways, for some reason, IPv6 Temporary Address / Address Randomization is disabled. That' s from the pre-IPv6 days, not sure why I configured it this way.
Now how important is this setting for IPv6 security? Should I re-enable temporary address or can I leave it the way it is?
While it was enabled by default, I remember issues with
pihole -r detecting some temporary address and using it, which lead to run
pihole -r again whenever it changed. Since I got DHCPv6, I hope pihole -r will detect the DHCP-assigned address and use it.
General IPv6 question about security. Since every device has its unique IP without NAT, portscans on my Pi-Hole DHCPv6 IP result in showing a lot of filtered ports. Looks like the screenshot (from Windows PC but Pi looks alike).
Is it supposed to look that way with IPv6? How important is now to run additional firewall on Pi-Hole?