On 9/2/23 17:13, Anssi Saari wrote:
If you don't have IPv6 forwarding on the router then none of your internal hosts will be able to communicate on IPv6 beyond your router. Unless you use NAT of course, or in certain circumstances a protocol proxy.If forwarding is not enabled, then the LAN IPv6 hosts are just as isolated from incoming traffic from the internet as hosts behind NAT.
with ip6tables it's dead easy to block unsolicited connections yet still allow outgoing and incoming related/established traffic.
Off topic I noticed my IPv4 SIP phone wasn't receiving incoming calls all the time. After investigation I found the (IPv4 NAT) iptables setup had a short timeout for related/established traffic. In my case the phone was registering every 2 hours which was too long. I dropped that to 2 minutes and my incoming call problems went away
Jeremy