Second Lan network same interface

JKnott

I just tried pinging ipv6.google.com from a computer with a ULA and I see the requests heading out of the WAN port. I guess I should create a rule to block ULA addresses.

Derelict

Yup. Just like RFC1918.

JKnott

I just created a floating rule to block fc::/7 in both directions, but the pings are still leaving the firewall.

Screenshot_20170908_163212.png_thumb

Derelict

Did you kill the existing states?

Or at least stop and restart the ping?

Derelict

You should also check quick there.

JKnott

I did try it and it didn't make any difference. I'm using Wireshark, to monitor the cable from the firewall to cable modem. I just set it again and it's still not blocking.

JKnott

Well, that virtual IP killed my network again. I had to remove it for things to work properly.

Derelict

IDK again, man. Works here…

Packet capture on WAN for fc00::/7 shows nothing as well.

![Screen Shot 2017-09-08 at 3.21.53 PM.png](/public/imported_attachments/1/Screen Shot 2017-09-08 at 3.21.53 PM.png)
![Screen Shot 2017-09-08 at 3.21.53 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-09-08 at 3.21.53 PM.png_thumb)

JKnott

I have absolutely no idea what's causing these problems. I'm running the latest version on a refurb computer.

Derelict

Everything I am doing is 2.4-RC on a XenServer VM. I have no reason to believe 2.3.4_1 on a physical would be any different.