= Сообщение: 3517 из 7440 ============================================= IPV6 = От : Michiel van der Vlist 2:280/5555 03 Sep 16 13:43:14 Кому : Ray Quinn 03 Sep 16 13:43:14 Тема : 6rd IPv6 FGHI : area://IPV6?msgid=2:280/5555+57cab753 На : area://IPV6?msgid=71.fidoipv6@1:214/22+1c2f8818 = Кодировка сообщения определена как: CP850 ================================== ============================================================================== Hello Ray,
On Friday September 02 2016 21:14, you wrote to me:
MvV>> So they issue a /60 block. Had not seen that before...
RQ> With IPv4, I understand what the netmask means, I have a /29 as well RQ> as a /29 in the AMPRnet. (44/8)
For IPv6 it is bascially the same. The difference being that for IPv4 the total numbering space is 32 bit and for IPv6 it is 128 bit.
So if you have a /29 for IPv4 you have 32-29=3 bits own address space. Or 8 IPv4 addresses.
With a /60 for IPv6 you have 128-60=68 bits own address space. Or 16 subnets of 64 bits. RQ>> IP Address 104.49.12.129 RQ>> fe80::e23f:49ff:fead:fa9 RQ>> 2602:306:bd31:aa50:e23f:49ff:fead:fa9 RQ>> LAN IP Address RQ>> Allocation DHCP RQ>> IP Address Type RQ>> Hardware Address e0:3f:49:ad:0f:a9 RQ>> SSID: n/a RQ>> Status On
MvV>> This is the relevant part as far as your BBS and Fidonet is MvV>> concerned. The address starting with fe80 is the so called link MvV>> local address. It is only valid on the local link, so no use for MvV>> fidonet, but notable is that the lower 64 bits of that address MvV>> are the same as those of the address starting with 2602. The MvV>> reason they are the same is that those lower 64 bits are derived MvV>> from the MAC address of the interface.
RQ> I do remember someone referencing the MAC address is part of the RQ> overall IPv6 address.
MvV>> Ping bbs.quinnnet.org [2602:306:bd31:aa50:e23f:49ff:fead:fa9] MvV>> mit 32 Bytes Daten:
MvV>> Zeitüberschreitung der Anforderung.
RQ> I get that, too (request timed out), when I ping from outside.
So the firewall in your router does not pass IPv6 ping requests.
MvV>> + 12:02 [3424] call to 1:214/22@fidonet MvV>> 12:02 [3424] trying bbs.quinnnet.org MvV>> [2602:306:bd31:aa50:e23f:49ff:fead:fa9]... MvV>> ? 12:02 [3424] connection to 1:214/22@fidonet failed: {W32 API MvV>> error 10060} Connection timed out
RQ> I get this, too, when doing a port check from outside the LAN. RQ> However, I can connect to all ports (including 24554) to RQ> 2602:306:bd31:aa50:e23f:49ff:fead:fa9 from my Windows 10 desktop, RQ> which has IPv6 enabled, but has a private (192.168.x.x) address.
So IPv6 port 24554 is open on your fido machine. You can reach it from within your LAN.
MvV>> If IPv6 is included, you most likely have a firewall problem. MvV>> Just like you have to configure port forwarding in yopur router MvV>> for poer 24554 for IPv4, you have to tell the firewall in your MvV>> router to pass port 24554 for IPv6. And also the port for your MvV>> BBS.
I think the tests so far confirm that it is the firewall in your router that blocks incoming IPv6.
RQ> As to the firewall issue: In the router, the IPv4 address for RQ> bbs.quinnnet.org is a public address. By default, this causes the RQ> public address to be placed in DMZ (along with all the public IPv4 RQ> addresses) issued to my router. At this time, there are no entries on RQ> the BBS computer in either iptables nor ip6tables. In other words, NO RQ> firewall at all. However, I am finding that the port is filtered when RQ> checking using outside IPv6 port checking sites .
Yes, the firewall in the router block incoming IPv6.
MvV>> I can't help you with that as I do not know what router you MvV>> have.
RQ> Manufacturer Pace Plc RQ> Model 5031NV-030
I did a quick search on the internet and found some information. Your router has a stateful IPv6 firewall. It blocks unsollicited incoming IPv6. But you can make outgoing IPv6 calls.
MvV>> Also, if you have a firewall on your BBS system, you must open MvV>> the ports for IPv6 there.
RQ> See above. I can find no firewall. It doesn't mean there isn't one.
There definitely is one. But I do not know how to configure it to open IPv6 ports. You may have to ask AT&T. It looks like they have loaded your router with their own firmware. I hope we can figure this out so I can remove the "OO" from your listing in the list of IPv6 capable nodes.
