Ramblings of an aging IT geek
networking

getting ipv6 working at home, eventually

Switching ISPs to one that offers native IPv6, getting a routed prefix delegated to the LAN, and the small surprises around firewalling and DNS that came with it.

Network cables plugged into a switch

I've wanted real IPv6 at home for years, and for years my ISP shrugged and offered me a tunnel or nothing. A tunnel works (I ran a Hurricane Electric one for ages), but it adds latency, and the occasional site treats tunnelled traffic as suspicious. When I finally moved to a provider that does native dual-stack, I expected an afternoon's faff. It was more like an evening, but it stuck.

The first thing to understand is that home IPv6 isn't one address, it's a delegated prefix. The ISP hands you a block, in my case a /56, via DHCPv6 prefix delegation, and your router is then responsible for carving subnets out of it and advertising them onto your LANs. This is the bit that catches people who think in IPv4 terms: there's no NAT, every device gets a globally routable address, and that's the point, not a bug.

On the router (running OpenWrt) the WAN side needed DHCPv6 client mode asking for a prefix, and the LAN side needed to hand addresses out. The relevant config, trimmed:

# WAN: run a DHCPv6 client and ask the ISP for a delegated prefix
config interface 'wan6'
    option proto 'dhcpv6'
    option reqprefix 'auto'

# LAN: carve a /64 out of the delegated prefix and advertise it via RA
config interface 'lan'
    option ip6assign '64'

reqprefix auto asks for whatever prefix length the ISP will give; ip6assign 64 slices a /64 off the delegated block for the LAN, which is the smallest subnet you should use on a v6 LAN, because SLAAC only works with a 64-bit interface identifier. Devices then autoconfigure via SLAAC from the router advertisements and start getting global addresses without any DHCP server lifting a finger.
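To make the "delegated prefix, not one address" point concrete, here is an added example (not from the post or from OpenWrt) that does the arithmetic the router does: it carves the 256 /64s out of a /56, picks one for the LAN, and derives the classic modified EUI-64 address a SLAAC host would form from its MAC. The /56 is a constructed one from the 2001:db8::/32 documentation range and the MAC is made up.

```python
import ipaddress

# Constructed stand-in for the ISP's delegation: 2001:db8::/32 is reserved for
# documentation, so nothing below is a real, reachable prefix.
DELEGATED = ipaddress.IPv6Network("2001:db8:ab00::/56")


def lan_subnets(prefix: ipaddress.IPv6Network, new_prefix: int = 64) -> list:
    """All the /64s that can be carved out of the delegated block (256 for a /56)."""
    return list(prefix.subnets(new_prefix=new_prefix))


def pick_lan(prefix: ipaddress.IPv6Network, index: int = 0) -> ipaddress.IPv6Network:
    """Pick the index-th /64; OpenWrt's ip6assign '64' does the same with a hint."""
    subs = lan_subnets(prefix)
    if not 0 <= index < len(subs):
        raise ValueError(f"only {len(subs)} /64s available in {prefix}")
    return subs[index]


def eui64_interface_id(mac: str) -> int:
    """Modified EUI-64 interface identifier from a 48-bit MAC (RFC 4291, Appendix A).

    Insert ff:fe in the middle of the MAC and flip the universal/local bit
    (bit 0x02 of the first octet).
    """
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC must be 48 bits")
    eui = octets[:3] + b"\xff\xfe" + octets[3:]
    eui = bytes([eui[0] ^ 0x02]) + eui[1:]
    return int.from_bytes(eui, "big")


def slaac_address(subnet: ipaddress.IPv6Network, mac: str) -> ipaddress.IPv6Address:
    """Global address a host forms by SLAAC on the given /64 with EUI-64 derivation."""
    if subnet.prefixlen != 64:
        raise ValueError("SLAAC needs a /64; a longer prefix leaves no room for the IID")
    return ipaddress.IPv6Address(int(subnet.network_address) | eui64_interface_id(mac))


if __name__ == "__main__":
    lan = pick_lan(DELEGATED, 1)
    print(f"{DELEGATED} yields {len(lan_subnets(DELEGATED))} /64s; LAN gets {lan}")
    print("host 00:11:22:33:44:55 would SLAAC to", slaac_address(lan, "00:11:22:33:44:55"))
```

The EUI-64 form is the textbook derivation; most desktop and phone OSes now default to privacy or stable-privacy interface identifiers instead, so the addresses you actually see on the LAN will not embed the MAC, but they still land inside the /64 the router advertised.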

A datacentre aisle of networking equipment

Two surprises were worth the evening.

The first was the firewall. With no NAT, there's nothing accidentally hiding your machines any more. Every device is reachable from the internet at its global address unless the firewall says otherwise. OpenWrt defaults to dropping inbound on the WAN, which is correct, but I'd grown lazy under IPv4's accidental privacy. I went through and made the default-deny explicit and only opened what I meant to. It's the right model, it's just one you have to actually engage with rather than getting for free.
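Because "make the default-deny explicit" is the kind of thing that drifts over time, here is an added example (my own, not from the post or from OpenWrt) of a small audit over an /etc/config/firewall in UCI format: it checks that the wan zone rejects input and forwarding, that nothing forwards wan into an internal zone wholesale, and that every ACCEPT rule from wan into a zone names a specific dest_ip, with ICMPv6 exempted since v6 does not work without it. The config text is constructed for the example and uses a documentation-range address; the rule names are made up.

```python
import shlex

# Constructed /etc/config/firewall excerpt: a sane wan zone, a deliberately
# narrow SSH rule to one homelab box, and one sloppy rule the audit should catch.
SAMPLE_CONFIG = """
config zone
    option name 'lan'
    list network 'lan'
    option input 'ACCEPT'
    option output 'ACCEPT'
    option forward 'ACCEPT'

config zone
    option name 'wan'
    list network 'wan'
    list network 'wan6'
    option input 'REJECT'
    option output 'ACCEPT'
    option forward 'REJECT'

config forwarding
    option src 'lan'
    option dest 'wan'

config rule
    option name 'Allow-ICMPv6-Forward'
    option src 'wan'
    option dest '*'
    option proto 'icmp'
    option family 'ipv6'
    option target 'ACCEPT'

config rule
    option name 'Allow-SSH-to-homelab'
    option src 'wan'
    option dest 'lan'
    option dest_ip '2001:db8:ab00:1:211:22ff:fe33:4455'
    option dest_port '22'
    option proto 'tcp'
    option family 'ipv6'
    option target 'ACCEPT'

config rule
    option name 'Oops-open-everything'
    option src 'wan'
    option dest 'lan'
    option dest_port '443'
    option proto 'tcp'
    option target 'ACCEPT'
"""


def parse_uci(text: str) -> list:
    """Parse UCI 'config/option/list' stanzas into a list of section dicts."""
    sections, cur = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = shlex.split(line)
        if parts[0] == "config":
            cur = {"type": parts[1], "label": parts[2] if len(parts) > 2 else None,
                   "options": {}, "lists": {}}
            sections.append(cur)
        elif parts[0] == "option" and cur is not None:
            cur["options"][parts[1]] = parts[2]
        elif parts[0] == "list" and cur is not None:
            cur["lists"].setdefault(parts[1], []).append(parts[2])
    return sections


def audit_firewall(sections: list) -> list:
    """Return human-readable findings; an empty list means the wan side is default-deny."""
    findings = []
    zones = {s["options"].get("name"): s for s in sections if s["type"] == "zone"}
    wan = zones.get("wan")
    if wan is None:
        findings.append("no zone named 'wan'")
    else:
        for chain in ("input", "forward"):
            policy = wan["options"].get(chain, "").upper()
            if policy not in ("REJECT", "DROP"):
                findings.append(f"wan zone {chain} policy is '{policy or 'unset'}', not REJECT/DROP")
    for s in sections:
        o = s["options"]
        if s["type"] == "forwarding" and o.get("src") == "wan":
            findings.append(f"forwarding wan -> {o.get('dest')} lets everything inbound")
        if (s["type"] == "rule" and o.get("src") == "wan" and o.get("dest")
                and o.get("target", "").upper() == "ACCEPT"
                and o.get("proto") != "icmp" and "dest_ip" not in o):
            findings.append(f"rule '{o.get('name', s['label'])}' accepts wan -> {o['dest']} "
                            f"without a dest_ip: every host in the zone is exposed")
    return findings


if __name__ == "__main__":
    for f in audit_firewall(parse_uci(SAMPLE_CONFIG)) or ["no findings"]:
        print(f)
```

The one finding on the sample is the 443 rule: under IPv4 it would have been a port-forward to one box, but with a routable /64 behind the router a zone-wide ACCEPT matches every device, which is exactly the NAT crutch the post is talking about.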

The second was DNS. Plenty of home kit will get a v6 address and then quietly prefer it, and if your local DNS resolver isn't returning AAAA records for internal names, or is returning them and pointing at the wrong place, you get intermittent failures that look like the network is haunted. I had to make sure my local resolver served AAAA records for the homelab boxes, and that connectivity checks weren't tripping over a half-configured v6 path. Happy Eyeballs papers over a lot of this for browsers, but not for everything.

Is it worth it? For day-to-day browsing, honestly you won't notice. The web mostly works the same. Where it pays off is the homelab: I can reach a box directly by its address without port-forwarding gymnastics, and I've stopped pretending NAT is a security feature. It never was. It was just a side effect I'd come to lean on. Native v6 takes that crutch away and makes you do the firewalling on purpose, which is how it should have been all along.