Well good news. Because ipv6 has a thing called privacy extensions which has been switched on by default on every device I’ve used.
That generates random ipv6 addresses (which are regularly rotated) that are used for outgoing connections. Your router should block incoming connections to those ips but the os will too. The proper permanent ip address isn’t used for outgoing connections and the address space allocated to each user makes a brute force scan more prohibitive than scanning the whole Ipv4 Internet.
So I’m going to say that using routable ipv6 addresses with privacy extensions is more secure than a single Ipv4 Nat address with dnat.
Well good news. Because ipv6 has a thing called privacy extensions which has been switched on by default on every device I’ve used.
That generates random ipv6 addresses (which are regularly rotated) that are used for outgoing connections. Your router should block incoming connections to those ips but the os will too. The proper permanent ip address isn’t used for outgoing connections and the address space allocated to each user makes a brute force scan more prohibitive than scanning the whole Ipv4 Internet.
So I’m going to say that using routable ipv6 addresses with privacy extensions is more secure than a single Ipv4 Nat address with dnat.