neighbor discovery problem
Jeremy Chadwick
koitsu at FreeBSD.org
Tue Aug 12 11:31:24 UTC 2008
On Tue, Aug 12, 2008 at 01:17:27PM +0200, Mathieu Arnold wrote:
> +-le 12.08.2008 01:34:03 -0700, Jeremy Chadwick a dit :
> | Important note: I know absolutely nothing about IPv6.
> |
> | Do you have ACLs on any of these machines? !A in traceroute commonly
> | means there's an ACL blocking said packets:
> |
> | !A (communication with destination network administratively prohibited)
> |
> | A ping from the other host might cause a stateful firewall to begin
> | allowing said traffic to/from the machine which previously wasn't
> | working.
> |
> | If you use a firewall on these machines (ipfw, pf, etc.), I'd recommend
> | posting your problem to the freebsd-pf list instead.
>
> Hum, no, I've verified it already, there is pf enabled on the gateway, which
> is also a firewall, but only on the external interface which does not come in
> play here.
That depends. Are you using "set skip" on non-external interfaces, or
are you using pass rules to explicitly pass all traffic?
Sorry if it sounds like I'm doubting you, but !A really looks like an
ACL thing.
--
| Jeremy Chadwick jdc at parodius.com |
| Parodius Networking http://www.parodius.com/ |
| UNIX Systems Administrator Mountain View, CA, USA |
| Making life hard for others since 1977. PGP: 4BD6C0CB |
More information about the freebsd-stable
mailing list