[ipv6hackers] Operational ICMPv6 Filtering

daniel.bartram at bt.com daniel.bartram at bt.com
Thu May 31 15:30:02 CEST 2012

Thanks Simon. This particular ACL was for a WAN facing link towards an ISP infrastructure where a static /127 is used. I wasn't sure, but I didn't think blocking type 4 would have any affect at all?


-----Original Message-----
From: ipv6hackers-bounces at lists.si6networks.com [mailto:ipv6hackers-bounces at lists.si6networks.com] On Behalf Of Simon Perreault
Sent: 31 May 2012 14:24
To: ipv6hackers at lists.si6networks.com
Subject: Re: [ipv6hackers] Operational ICMPv6 Filtering

On 2012-05-31 09:12, daniel.bartram at bt.com wrote:
> So as far as I'm aware, my ACL wouldn't affect the operation of IPv6 at all... Of course, I could be wrong?

As others have said, don't reinvent the wheel. Look at this:

 From the list of things that MUST NOT be dropped, you're missing type 4 codes 1 and 2. (unrecognized next header, unrecognized ipv6 option)

DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source        --> http://ecdysis.viagenie.ca
STUN/TURN server               --> http://numb.viagenie.ca
Ipv6hackers mailing list
Ipv6hackers at lists.si6networks.com

More information about the Ipv6hackers mailing list