ipv6 fw rule with dynamic prefix

Perun · September 25, 2018, 08:46:48 AM

Hi

how can I set a ipv6 firewall rule with a dynamic prefix?

Greetz

bartjsmit · September 25, 2018, 10:17:13 AM

You can't. Either run a HE tunnel https://tunnelbroker.net/ or change to an ISP that is not stuck in the dark ages.

Bart...

franco · September 27, 2018, 12:58:41 PM

This is on my long-term TODO list. Martin added a prefix merge feature for DHCPv6 / RADVD, but moving this into the firewall is trickier than just merging the prefixes on a flat config file rewrite.

Cheers,
Franco

torso70 · September 08, 2020, 08:38:12 AM

In release 20.7.2. there is a new alias type based on MAC addresses. You could define rules based on MAC address for the hosts with dynamically assigned IPv6 prefixes.

franco · September 08, 2020, 09:39:35 PM

I had to take a closer look, but yes, MAC alias resolves arp and ndp output so both IPv4 and IPv6 are supported.

Cheers,
Franco

ipv6 fw rule with dynamic prefix

Perun

September 25, 2018, 08:46:48 AM

bartjsmit

September 25, 2018, 10:17:13 AM #1

franco

September 27, 2018, 12:58:41 PM #2

torso70

September 08, 2020, 08:38:12 AM #3

franco

September 08, 2020, 09:39:35 PM #4