Packet to ff02::1

Michael Kjorling michael@kjorling.com
Tue, 26 Mar 2002 18:03:37 +0100 (CET)

Previous message: w2k & ipv6 - need help
Next message: Packet to ff02::1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All right, this might be a little off topic here (if it is, please
point me at the right place), but I am finally getting a serious grasp
of IPv6 and ran across this little one in my logs. It's logged as
being denied (quite in accordance with the firewall rules I have set
up), but my question is: what are the implications of disallowing the
"all nodes multicast" address (and the other addresses in the same
category)? (varg, among else, serves as my IPv6 router.)

> Mar 26 16:50:42 varg kernel: IN=eth1 OUT= MAC= SRC=fe80:0000:0000:0000:02a0:ccff:fe52:e0a4 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=128 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=ICMPv6 TYPE=134 CODE=0
> Mar 26 16:50:42 varg kernel: IN=eth0 OUT= MAC=33:33:00:00:00:01:00:a0:cc:52:e0:a4:86:dd SRC=fe80:0000:0000:0000:02a0:ccff:fe52:e0a4 DST=ff02:0000:0000:0000:0000:0000:0000:0001 LEN=128 TC=0 HOPLIMIT=255 FLOWLBL=0 PROTO=ICMPv6 TYPE=134 CODE=0

Also if someone has a list of the special (non-2000::/3) addresses and
address blocks which I need to allow (locally and globally) at hand,
that would be perfect. I would like to respond to packets that won't
get anywhere anyway with network unreachable right away (for some
reason the system keeps insisting on having its ::/0 route in the
routing table and I don't seem to be able to remove it easily),
instead of polluting my uplink. This seems to me like wise practice
even though the actual number of packages at all over IPv6 will be
very limited to start with.

Any input would be greatly appreciated!


Michael Kjörling

- -- 
Michael Kjörling  --  Programmer/Network administrator  ^..^
Internet: michael@kjorling.com -- FidoNet: 2:204/254.4   \/
PGP: 95f1 074d 336d f8f0 f297 6a5b 2aa3 7bfd 8a70 e33e

``And indeed people sometimes speak of man's "bestial" cruelty, but
this is very unfair and insulting to the beasts: a beast can never be
so cruel as a man, so ingeniously, so artistically cruel.''
(Ivan Karamazov, in Dostoyevsky's 'The Brothers Karamazov')
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Public key is at http://michael.kjorling.com/contact/pgp.html

iD8DBQE8oKntKqN7/Ypw4z4RAmB7AKD6/l1Cog6AhuQrrXr7FnmBvLw+oQCgpJrC
Sfdsdfk20w9MJthFahvu7Ro=
=xi5S
-----END PGP SIGNATURE-----

Previous message: w2k & ipv6 - need help
Next message: Packet to ff02::1
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]