Really ? I'm learning new things on RouterOS every day still 
Thanks for pointing that out.
Now I have an extensive IPv6 FW-policy anyway on input and forward chains so I'm never too concerned.
(eg. I drop any IPv6 in ingress not originated from the LAN/Bridge side)
I have a question, but not completely sure is this correct topic.
How can I disable ipv6 on MT with ROS 7.3 ? I want to block it totally (in, out, forwarding packets).
You have simply used the forum search function?
/ipv6 settings set disable-ipv6=yes
Every advice here is missleading and gives the impression to the reader that by disabling ipv6 in mikrotik or by dropping the packets in firewall you are blocking the ipv6 = WRONG.
If there is a connected router in then network OTHER than mikrotik and this rogue router has enabled RA advertising all the capaple ipv6 devices will āgetā a public ipv6 from this router and go to internet by this rogue router.
This is a terrible security threat and it has been handled by Cisco with the āipv6 RA guardā blocking RA traffic in Layer 2 level per interface port.
In windows and linux you mostly have ipv6 disabled that why you dont face this problem but every mobile device has ipv6 enabled by default and of cource there is no easy way to closed it. Even if you could you canāt inform every possible client to block ipv6 ābecause im running on mikrotikā and i canāt secure you.
A good read: https://www.rfc-editor.org/rfc/rfc6105
Euh ā¦ if you introduce ROUGE routers on your network with their own Internet connectivty offcourse there is a huge issue! Nothing to do with Mikrotik itself.
However, IF your Mikrotik is the only device with ISP-connectivity AND you disable āIPv6 forwardingā & configuration I would be very , very surprised if some public IPv6 could creep into your network.
THAT would be a big Mikrotik security issue.
It can always be that any device on your network sets up a IPv6-over-IPv4 tunnel and uses it to access IPv6. It can even forward IPv6 traffic for others.
Sure, dozens of possibilities to still slip/sneek through since no Mikrotik has no true UTM/IDP-capabilities that could detect & block various tunneling/evasive tooling/protocols (eg. Teredo or other 6-in-4)
But I think it is important to state that IF you disable IPv6 on your Mikrotik (forwarding,package) no native IPv6 will sneek through! and no single endpoint on your network will ever be able to access (or be accessed!) using native IPv6.
That is only true when you run the router in a routing configuration. When it is bridging, it will happily pass IPv6 without IPv6 support installed or -enabled.
Why do you want to disable IPv6?
A better question, what can i do with IPv6 that are so good that I need to enable it?
I have an ISP with IPv6, but does not use it. From how I do see it:
No faster internet.
More complex firewall setup.
You will be able to use ipv6 only servicesā¦.
That gives me what? (as a normal user)
Faster internet?
More websites?
You can solve some problems that occur due to NAT.
The firewall is not more complicated, the default settings are about the same (allow established/related, allow new traffic going outside).