Just because you can doesn’t mean anyone does. I’ve never seen an ISP hand out “private” IPv6 addresses. Ever.

If you’re doing NAT on IPv6, you’re doing it wrong and stupid. Plain and simple.

Network Prefix Translation isn’t the same thing. That’s used for things like MultiWAN so that your IPv6 subnet from another WAN during a failover event can still communicate by chopping off the first half and replacing the subnet with the one from the secondary WAN. It is not NAT like in IPv4 and doesn’t have all of the pitfalls and gotchas. You still have direct communications without the need for things like port forwarding or 1:1 NAT translations.

I’m a Network Engineer of over a decade and a half. I live and breath this shit. Lol.

CGNAT only applies to IPv4. You cannot NAT IPv6 effectively. It’s not designed to be NATed. While there IS provisions for private IPv6 addressing, nobody actually does it because it’s pointless.

It’s why IPv6 is important, but many didn’t listen.

Yes, but OP mentioned nothing about Cloudflare.

Sweet. Both OPNSense and pfSense firewalls have the ability to tie into MaxMind’s GeoIP service. Not sure what your perimeter device is, but it’s pretty easy on those. And free.

Best solution is a VPN to your home network.

However, if you want to host it publicly, at least restrict access to it via GeoIP. For example, if you live in Europe and only need access from there, only allow the areas in Europe you travel to and block everything else. This will greatly reduce your attack surface.

Also, make sure everything is patched. Always. And implement something like fail2ban to deny repeated failed logins, along with a reverse proxy.

I ran KDE for a year or so recently. The screen sharing bug, since I rely on screen sharing greatly for work, made me switch to something else. If that hadn’t existed, I’d have probably stuck with it.

KDE is a great DE, but I’ve always found it more buggy than the rest. It also pushes the envelope, though, and really is a cutting edge DE.

GNOME might be more “stable”, but I’ve also found you need to have at least a half dozen extensions and GNOME Tweaks to make it usable OOTB. Also, it uses as much RAM just doing nothing as a Windows install.

KDE has always been “Wow this is cool and very well designed” until I always run into a bug I can’t get past and have to switch. This has been my cycle for half a decade or more:

1. I hear about KDE’s latest cool features (HDR support was the latest) and give it a try.
2. I use it for several months.
3. An update breaks something that is critical to my workflow and I have to switch to something else.

These days, though, I use Cinnamon. It is the definition of “just works” and other than network management GUI elements being kind of meh (especially for VLANs), I’ve found it to be rock solid.

Wow. Never seen someone defend porch pirates before. What a hot take.

I know Pop_OS! has some excellent Optimus controls built into their distro. I haven’t used NVidia in a while, though, since I went all AMD for better driver support.

Debian and Linux Mint.

Debian for mission critical stuff like servers or things I don’t want to futz with, like HTPCs, work machines, etc.

Mint for my gaming desktop because it’s a bit newer on kernels and such.

How secure an OS is depends entirely on the configuration. A Linux install can be less secure than Windows or macOS, if configured so.

Linux tends to be more secure OOTB because distro devs tend to be security conscious. Android is also fairly secure, since it has no root access, sandboxes applications to a degree, and has other hardening employed. However, Android is also very vast and built for various devices by many manufacturers, so it also depends on them.

Not really news. It’s been floating around 2% for a while.

Thanks. I need eye bleach now.

So you’re using Hyprland WM… I’m assuming to have a minimalistic Window Manager… But you want an app launcher.

No offense, but FFS just use a DE at that point. You’re just creating a DE with extra steps. KDE is nice and fairly lightweight.

And Switch. And anything Retroarch supports.

The Steam Deck is amazing.

I work for a company in Texas, USA. We actively discourage Windows being used in our organization and push people to use macOS or Linux.

When Microsoft started enforcing online accounts to use my computer. It was then that I fully jumped ship. I was using Linux way before that for my media server, HTPC, etc., but it was that and the Steam Deck that made me finally fully jump.

pfSense = Firewall and router system based on FreeBSD. Has both open source and commercial versions. Built for SMB to Enterprise uses. Extremely powerful with all of the bells and whistles you’d expect from a professional firewall product.

OPNSense = Basically pfSense with a different UI. It’s a fork of pfSense. Much of the same capability, but is built by a smaller company.

OpenWRT = Replacement firmware for embedded devices (as well as x86). It’s open source WiFi router firmware that runs on tens of thousands of devices. Many vendors will even base their custom firmware on OpenWRT and put a different skin on it (GL.iNet, for example).

Slava Ukraini!