[opensuse] urgent help needed: Leap 15.1, firewalld, router not forwarding IPv6
Hi, I just upgraded my firewall/router from 15.0 to 15.1 with zypper, and now it's not forwarding IPv6 anymore. I have not changed anything about the firewall settings (internal interface is in trusted, external in external, masquerade is on in external), before the upgrade I could talk IPv6 from any internal host just fine, now i can't. I can talk IPv6 from the router itself, but not from any machines behind it. Any ideas? Cheers *Mathias Homann* Mathias.Homann@openSUSE:.org[1] irc: [Lemmy] @ freenode, ircnet obs: lemmy04 *gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102* -------- [1] mailto:Mathias.Homann@eregion.de
...and now after another reboot the external interface doesn't accept RA anymore even though the sysctl is set correctly. *not* happy. Am 11.10.2019 um 22:35 schrieb Mathias Homann:
Hi,
I just upgraded my firewall/router from 15.0 to 15.1 with zypper, and now it's not forwarding IPv6 anymore.
I have not changed anything about the firewall settings (internal interface is in trusted, external in external, masquerade is on in external), before the upgrade I could talk IPv6 from any internal host just fine, now i can't. I can talk IPv6 from the router itself, but not from any machines behind it.
Any ideas?
Cheers
*Mathias Homann* Mathias.Homann@openSUSE:.org[1] irc: [Lemmy] @ freenode, ircnet obs: lemmy04 *gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102*
-------- [1] mailto:Mathias.Homann@eregion.de
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Fri, 11 Oct 2019 23:21:26 +0200 Mathias Homann <Mathias.Homann@opensuse.org> wrote:
...and now after another reboot the external interface doesn't accept RA anymore even though the sysctl is set correctly.
*not* happy.
Sorry, but you haven't even said which firewall you're running? and for myself I don't know what RA means and I'm going to bed.
Am 11.10.2019 um 22:35 schrieb Mathias Homann:
Hi,
I just upgraded my firewall/router from 15.0 to 15.1 with zypper, and now it's not forwarding IPv6 anymore.
I have not changed anything about the firewall settings (internal interface is in trusted, external in external, masquerade is on in external), before the upgrade I could talk IPv6 from any internal host just fine, now i can't. I can talk IPv6 from the router itself, but not from any machines behind it.
Any ideas?
Cheers
*Mathias Homann* Mathias.Homann@openSUSE:.org[1] irc: [Lemmy] @ freenode, ircnet obs: lemmy04 *gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102*
-------- [1] mailto:Mathias.Homann@eregion.de
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Saturday, 2019-10-12 at 00:37 +0100, Dave Howorth wrote:
On Fri, 11 Oct 2019 23:21:26 +0200 Mathias Homann <Mathias.Homann@opensuse.org> wrote:
...and now after another reboot the external interface doesn't accept RA anymore even though the sysctl is set correctly.
*not* happy.
Sorry, but you haven't even said which firewall you're running?
Yes, he has, in the subject line. - -- Cheers, Carlos E. R. (from openSUSE 15.1 x86_64 at Telcontar) -----BEGIN PGP SIGNATURE----- iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXaEn+hwccm9iaW4ubGlz dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfVfmcAnA0LYhXmYKYYsLX8/ij/ YwFqXY9YAJ0RvK+1dMcFIUaThI9PZTDkEg3GsA== =QuwZ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
solved. half of the issue was me messing with sysctl, the other half is the fact that firewalld 0.7.2 doesn't enable masquerading on IPv6 by default anymore - one rich rule later and all is well. Cheers MH Am Freitag, 11. Oktober 2019, 23:21:26 CEST schrieb Mathias Homann:
...and now after another reboot the external interface doesn't accept RA anymore even though the sysctl is set correctly.
*not* happy.
Am 11.10.2019 um 22:35 schrieb Mathias Homann:
Hi,
I just upgraded my firewall/router from 15.0 to 15.1 with zypper, and now it's not forwarding IPv6 anymore.
I have not changed anything about the firewall settings (internal interface is in trusted, external in external, masquerade is on in external), before the upgrade I could talk IPv6 from any internal host just fine, now i can't. I can talk IPv6 from the router itself, but not from any machines behind it.
Any ideas?
Cheers
*Mathias Homann* Mathias.Homann@openSUSE:.org[1] irc: [Lemmy] @ freenode, ircnet obs: lemmy04 *gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102*
-------- [1] mailto:Mathias.Homann@eregion.de
*Mathias Homann* Mathias.Homann@openSUSE.org[1] telegram: https://telegram.me/lemmy98[2] irc: [lemmy] on freenode and ircnet obs: lemmy04 *gpg key fingerprint: 8029 2240 F4DD 7776 E7D2 C042 6B8E 029E 13F2 C102 * -------- [1] mailto:Mathias.Homann@eregion.de [2] https://telegram.me/lemmy98 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
participants (3)
-
Carlos E. R.
-
Dave Howorth
-
Mathias Homann