[140637] in North American Network Operators' Group
Re: IPv6 gateway, was: Re: IPv6 foot-dragging
daemon@ATHENA.MIT.EDU (Todd Lyons)
Mon May 16 11:21:07 2011
In-Reply-To: <4DCDA380.7020407@mompl.net>
Date: Mon, 16 May 2011 08:20:18 -0700
From: Todd Lyons <tlyons@ivenue.com>
To: Jeroen van Aart <jeroen@mompl.net>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Fri, May 13, 2011 at 2:32 PM, Jeroen van Aart <jeroen@mompl.net> wrote:
>
> Something like:
> -I FORWARD -j DROP
> -I FORWARD -s 2001:db8::/64 -j ACCEPT
> -I FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
Double check the kernel version you have. IIRC kernels before 2.6.20
didn't have the ability to do RELATED,ESTABLISHED in ipv6. This hit
me on a CentOS box that I was using as a gateway. I am unaware if
there is a version of their 2.6.18 that has the patches backported
(googling seemed to indicate it has not been done, and most are just
waiting for new release of CentOS 6). RH6 works properly.
--=20
Regards...=A0 =A0 =A0 Todd
"It is the nature of the human species to reject what is true but
unpleasant and to embrace what is obviously false but comforting."
"You might be a skeptic if you have pedantically argued the topic of pedant=
ry."
