nanog mailing list archives
Re: IPv6 gateway, was: Re: IPv6 foot-dragging
From: Todd Lyons <tlyons () ivenue com>
Date: Mon, 16 May 2011 08:20:18 -0700
On Fri, May 13, 2011 at 2:32 PM, Jeroen van Aart <jeroen () mompl net> wrote:
Something like: -I FORWARD -j DROP -I FORWARD -s 2001:db8::/64 -j ACCEPT -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
Double check the kernel version you have. IIRC kernels before 2.6.20 didn't have the ability to do RELATED,ESTABLISHED in ipv6. This hit me on a CentOS box that I was using as a gateway. I am unaware if there is a version of their 2.6.18 that has the patches backported (googling seemed to indicate it has not been done, and most are just waiting for new release of CentOS 6). RH6 works properly. -- Regards... Todd "It is the nature of the human species to reject what is true but unpleasant and to embrace what is obviously false but comforting." "You might be a skeptic if you have pedantically argued the topic of pedantry."
Current thread:
- IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Owen DeLong (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Jeroen van Aart (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Owen DeLong (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Owen DeLong (May 13)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Todd Lyons (May 16)
- Re: IPv6 gateway, was: Re: IPv6 foot-dragging Erik Muller (May 17)