> You no longer need services like tailscale or zerotier or VPN like wireguard just to connect to your home network. You also do not need static IP.
I disagree. Technologies like Tailscale, zerotier and Wireguard mostly exist to secure your private, distributed network. Tailscale has all kinds of measures to circumvent NATs, sure, but the main point is access control, encryption by default and presenting as little an attack surface as possible (by routing everything through Wireguard).
IPv6 doesn't give you that: IPv6 addresses can still easily be spoofed, and ports can still be scanned. And vulternabilities in applications listening on public ports will always exist. VPNs provide you with an additional layer of security.
How is an ISP supposed to know whether the "sender" on an IP packet is legitimate?
> That's not related to IPv6.
I didn't claim it was. It is, of course, already an issue in IPv4 networks.
OP was claiming that, once everyone uses IPv6, VPN solutions like Tailscale or WireGuard would no longer be needed. I disagreed because one of main features these solutions provide is access control, i.e. which device gets to connect to which device (and which application) in your private network. Not only is this much more cumbersome to achieve with IPv6 alone (as you need to set up appropriate firewall rules manually on each device), the security guarantees afforded by such firewall rules also won't be as strong as 1) IP spoofing cannot be prevented, 2) encryption is not the default, 3) the attack surface is much larger.
> If your ISP allows spoofing addresses
This has nothing to do with one's ISP. The ISP cannot possibly know whether the sender IP address on an IP packet is legitimate or not.
I disagree. Technologies like Tailscale, zerotier and Wireguard mostly exist to secure your private, distributed network. Tailscale has all kinds of measures to circumvent NATs, sure, but the main point is access control, encryption by default and presenting as little an attack surface as possible (by routing everything through Wireguard).
IPv6 doesn't give you that: IPv6 addresses can still easily be spoofed, and ports can still be scanned. And vulternabilities in applications listening on public ports will always exist. VPNs provide you with an additional layer of security.