Koenraad Lelong wrote:
Actually my modem is also a router. It's a "xDSL-router". I also set up a tunnel on my main linux-box, because I don't know how to successfully place a router after a router with ipv6. The tunnel works fine but it's only serving a single subnet/prefix. Now I'm trying to get it working natively, first using another linux-machine so I don't disrupt my working setup.
OK, so they're using a tunnel, not native IPv6. Linux can handle various tunnel types. In addition to installing RADVD, I had to manually add a forwarding rule to /etc/sysconfig/SuSEfirewall2 to forward the subnet to my local network. Here's that line: FW_FORWARD="2001:x:y:z::/56,2000::/3 \ 2000::/3,2001:x:y:z::/56,tcp,imaps \ 2000::/3,2001:x:y:z::/56,tcp,ssh" This is line 592 in that file. As shown, it forwards to and from my subnet and also allows only ssh and imaps incoming. I replaced part of my actual address with x:y:z. If you don't want to filter any protocols, delete everything after /56 on the second line. If you want to filter more, just create additional lines as shown. The usual Yast Firewall filters work fine for traffic destined for the firewall/router computer, but not routing IPv6 traffic to your network. BTW, why are you using dhcp6 for addresses? That's normally not necessary. The router advertises the local network and the computers combine that with their MAC address and/or random number to create a valid IPv6 address. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org