[Firehol-support] router_ra pppoe and firehol ?!
Phil Whineray
phil at sanewall.org
Wed Jul 15 08:37:15 CEST 2015
Hi Tamer
On Wed, Jul 15, 2015 at 06:29:16AM +0200, Tamer Higazi wrote:
> Hi Phil, still doesn't work.
>
> I deactivated the router advertisement on my VDSL2 router. Can't be so
> difficult at all..... to make a static route to the server to come out
> with ipv6.
> Then this problem is for all time solved.
>
> Need to figure out how todo that, then the problem is all time solved.
I'm a bit confused - if this works without the firewall activated
then something is doing the configuration and most likely it is
RA packets. If not RA, it could be DHCPv6 that is being used:
I am not aware of anything else that would allow things to just work.
It would be the remote endpoint of the PPP connection that is responsible
for sending RA packets, not necessarily the router.
You should check the logs for the first minute after connecting and you
should see something being blocked. If you have not done this before
there is an outline here:
http://firehol.org/guides/firehol-troubleshooting/
Unless you tried putting in the rules for ipv6router, my guess is you
will see ICMPv6 type 133 and 134 (RS+RA) packets being blocked.
I would personally worry that if my ISP expects to autoconfigure
that they may be willing to change the endpoint address, send new
RA packets and expect things to keep working but they won't if you
have statically configured this.
Cheers
Phil
More information about the Firehol-support
mailing list