Surf Soho Setup and Security Concerns

I’m a home purchaser of the Soho Mk3 because I am extremely concerned with security for our home computers. Unfortunately, I’m not a “techie” but I have followed Michael Horowitz’s writings and instructions to configure the new router, (sincere thank you!). My setup is: ISP - Comcast, owned Modem, Soho MK3. The home computers are all Apple Macs and will plug into the LAN ports for individual online access. I set most of the security settings that Michael recommends, except I left IP Addresses and Subnets, VPNs and VLANs for a later date. I configured everything for the new router while offline, and was in the process of doing final checks on settings when I looked at the network details on my Mac desktop from my previous router. I noticed all of the previous IPv6 settings and realized that the MK3 doesn’t have IPv6 settings at all. Apparently the MK3 doesn’t support IPv6. My ISP, Comcast, does use IPv6. So, if the IPv6 is not traveling through my MK3, is it completely exposed online? Does the MK3 even filter IPv6 traffic or is everything left completely exposed? Please understand, this is quite concerning for me. I would appreciate help with understanding how, or if, this lack of IPv6 support impacts my online security. I want to be certain that doing things such as online banking and tax filings, etc. are secure with this router. And, are there particular settings that I need to set for the IPv6 traffic? Again, thank you for your time and assistance.

What do you mean completely exposed? What makes you think that?

I would not worry. Just know the MK3 is not a security appliance. It can do basic firewall duties but it does not serve as IDS/IPS/etc.

Thanks for your response. I don’t understand if the IPv6 is an issue or not. Specifically, since the MK3 doesn’t support IPv6 and my ISP does, how is the IPv6 data handled/interpreted/translated by the router?
I recognize that I can’t avoid all risks online. Peplink has created a great router with powerful features and I just don’t want to make any errors with the setup due to my not understanding something. Thanks again.

You could check with your ISP, if you lived in another country. Seeing as how its Comcast in the US, that would probably be a waste of time.

IPv6 can be tunneled thru IPv4. I do not understand how this works.

To your main point, I think you are safer using a router that does not support IPv6. Lowers the attack surface.

I agree; a root canal is less painful than calling Comcast.

Thank you for your explanation, —- exactly what I needed to hear!

And, sincere thanks for the time you devote to helping people like myself better understand how to make the move away from consumer routers.

I would be surprised if IPv6 was an actual technical requirement for Comcast. I know someone using Verizon FIOS with an Asus router that has IPv6 disabled.

If there are Windows devices on your network, here is another trick. Create a Local DNS record for

with an IP address of zero. I ran into this while tracing DNS requests on a Windows machine.

Thank you for your additional thoughts.

No Windows devices on my network, —- Apple only.

So, I’m going to operate on the premise that I’m good to go without IPv6 support on the MK3.

Thanks again!