= Сообщение: 3355 из 7440 ============================================= IPV6 = От : Tony Langdon 3:633/410 10 Aug 16 07:57:00 Кому : Michiel van der Vlist 10 Aug 16 07:57:00 Тема : Re: IPV6 and Netgear FGHI : area://IPV6?msgid=1812.fido-ipv6@3:633/410+1c0fa1a2 На : area://IPV6?msgid=2:280/5555+57aa3533 = Кодировка сообщения определена как: CP866 ================================== ============================================================================== -=> Michiel van der Vlist wrote to Tony Langdon <=-
MvV>> The internal IPv6 address defaults to ::. Which in a way also MvV>> makes sense. Interesting is the option "MACV6". Instead of the MvV>> IPv6 addres,
TL> That is an interesting option. I don't have that one that I know of, TL> but I can see it being quite useful.
MvV> It would be useful fot IPv4 too, I'd say.
Yes it would. SOme routers are smart enough to use the hostname for IPv4 port forwarding, which the router can pick up from the DHCP handshake. I think mine can do this, but not 100% sure, because I always use static IPs for forwarding.
TL> Yes, it will lead to confusion for the average punter.
MvV> It confused me...
I just figured filtering is what they meant and put it down to an attempt at dumbing down. :)
TL> Only way ICMP echo (ping) is allowed to hosts behind the router is if TL> I use the exposed host option.
MvV> That is not good. In IPv6 ICMP should never be turned of completely. MvV> Some parts of it are essential for the proper operation of IPv6. MvV> "Packet too large comes to mind". Even if you have all ports closed or MvV> stealthed, ICMP should not be disabled completely.
AGAIN, you DIDN'T read (last time I let it slide and made sure I clarified it :) ). I said "ICMP echo (ping)", which is just one function of the ICMP protocol. I can't be 100% sure about the rest of ICMP, but yes, I agree, the rest of ICMP is essential and should never be blocked.
TL> There is another option in the firewall setup to allow ICMP echo, but TL> that's for the router itself, and I'm unsure if that affects IPv6 as TL> well as IPv4.
MvV> You can test it using one of the looking glass servers.