ip6fw

[Jasper Jongmans]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 04 Dec 2000, Warren Matthews wrote:
> # ip6fw -a list
> 24000       1455      46984 allow log ipv6-icmp from any to any
> 32000      67343   49295534 allow log ipv6 from any to any
> 65535          1         20 deny ipv6 from any to any
> 
> In the log I see 
> 
>   Dec  4 17:26:58 SCYLLA /kernel: ip6fw: 24000 Accept IPV6-ICMP:134.0
>   [fe80::0210:7bff:feb5:8f41] [ff02::0001] in via xl0
> 
> (fe80::0210:7bff:feb5:8f41 is my router, xl0 is the outside interface)
> 
> And 
> 
> # ifconfig xl0
>         inet6 2001:400:808:1:210:5aff:fe78:267c prefixlen 64 
> 
> but
> 
> # ifconfig xl1
>         inet6 fe80::2c0:4fff:fe04:27fe%xl1 prefixlen 64 scopeid 0x2
> 
> (xl1 is the inside interface).

I now get the idea that you are trying to forward router advertisements from one interface to another. Router advertisements are only suited for a local physical network (that is why the fe80 prefix is used), so you cannot forward them to another network on IP-level. If you want a LAN to get autoconfig'ed too, you must either have your own prefix and have your own advertising router; or you must compile in bridge support in your kernel (which will forward packets at physical network level). My ISP forbids all customers to use a kernel bridge function, since it seems to crash their switches and/or routers, so be careful when using it. :)

- -- 
Jasper Jongmans                                            aprogas@mail.com
Website                         http://aprogas.student.utwente.nl/~aprogas/
PGP public key            ftp://aprogas.student.utwente.nl/keys/pgp_dss.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE6LC3pfuu+THq4fAIRAi6pAKC23nrNNIk3bXGZiN3JcW04Tk34EwCgs7Az
WFCRoM8Jc0Lblh5do8JsaTI=
=K8vK
-----END PGP SIGNATURE-----