This is more of a rant post while trying to educate and question.
Background: I was wondering why I couldn't SSH or reach my website domain through public/global internet using IPv6. I'm familiar with IPv4, NAT, and port forwarding and didn't have any issue with it. I admit I'm a newbie compared to most other people, but I like to understand how things work.
After realizing IPv6 was supposed to give me direct access to my servers (instead of redirects with NAT and port forwarding), and after reading through numerous articles and forum posts along with many trials and error, nothing worked. Then it finally dawned on me to try to adjust the firewall settings in regards to zone forwarding. By default, LAN to WAN was setup as INPUT ACCEPT, OUTPUT ACCEPT, FORWARD ACCEPT. But for some reason (hence my newbie-ness) WAN (wan & wan6) to LAN was setup as INPUT REJECT, OUTPUT ACCEPT, FORWARD REJECT. When I upgraded from Chaos Calmer to LEDE, i changed the firewall for “WAN to LAN” to INPUT ACCEPT, OUTPUT ACCEPT, FORWARD ACCEPT. Only then was I able to gain public/global/remote access to my home servers. So now I'm sitting here wondering why was this so poorly documented and the default? Why did I spent time blaming myself and my ISP (as people suggested) due to a router issue? I spent hours researching this and entering appropriate keywords in this forum to get no result. Most results told me to use the command line and parsing through debug language to understand what was going on.
So now that I can access my servers via internet (outside of my local network), I have to ask: was this the best solution and how can I configure it to be better secured?