nanog mailing list archives

Re: Ipv6 for the content provider

From: "Randy McAnally" <rsm () fast-serv com>
Date: Mon, 31 Jan 2011 13:29:18 -0500

On Mon, 31 Jan 2011 11:53:22 -0600, Blake Hudson wrote

# ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT

I guess the next question is whether or not it actually works correctly....


You can open/shut ports but you can't do anything with connection state
(RELATED, ESTABLISHED, ect).  For example, you have to open all upper inbound
ports manually if you want to complete outbound connections.

The solution is to manually build your own kernel from a vanilla source, along
with all the problems that entails.

~Randy

Current thread:

Re: Ipv6 for the content provider, (continued)
- - - Re: Ipv6 for the content provider Jared Mauch (Jan 27)
- Re: Ipv6 for the content provider Randy McAnally (Jan 26)
  - Re: Ipv6 for the content provider Dale W. Carder (Jan 26)
  - Re: Ipv6 for the content provider Charles N Wyble (Jan 26)
    - Re: Ipv6 for the content provider Randy McAnally (Jan 26)
    - Re: Ipv6 for the content provider Lamar Owen (Jan 26)
    - Re: Ipv6 for the content provider Valdis . Kletnieks (Jan 26)
    - Re: Ipv6 for the content provider Blake Hudson (Jan 31)
    - Re: Ipv6 for the content provider Simon Perreault (Jan 31)
    - Re: Ipv6 for the content provider Blake Hudson (Jan 31)
    - Re: Ipv6 for the content provider Randy McAnally (Jan 31)
    - Re: Ipv6 for the content provider Lamar Owen (Jan 31)
    - Re: Ipv6 for the content provider Jack Bates (Jan 31)
    - Re: Ipv6 for the content provider Antonio Querubin (Jan 31)
  - Re: Ipv6 for the content provider Antonio Querubin (Jan 26)
- Re: Ipv6 for the content provider Mark Andrews (Jan 26)