Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Default deny rule IPv6 (1000000105) despite firewall rule

    Firewalling
    2
    22
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • L
      lifespeed @Bob.Dig
      last edited by lifespeed

      Btw: Found a ps script for CF, will try it.
      PPS: To bad, it will only do IPv4 :(

      @Bob-Dig it would definitely be easier to hand the task of updating host's DDNS off to pFsense, but today you have to get the host to do it. Is there a way I can upvote your bug/feature request?

      As to the the value of implementing a full IPv4/6 network all the way through the firewall, I have on several occasions seen a dramatic performance increase with IPv6, sometimes a factor of 2X from 12Mb to 25Mb doing an FTP upload from my 1Gb/40Mb Comcast hybrid-fiber-coax connection to an AT&T fiber-to-the curb computer across town. In theory the protocol doesn't matter, in practice, if there is translation, it matters.

      1 Reply Last reply Reply Quote 0
      • L
        lifespeed @Bob.Dig
        last edited by

        @bob-dig said in Default deny rule IPv6 (1000000105) despite firewall rule:

        So going back to the beginning, why is the IPv6-address missing in an alias created from an FQDN containg the IPv6-address...

        Because when myhost prepends the FQDN mydomain.com, pFsense DNS forwarder uses the DHCPv4 static mappings. And I am not sure that is incorrect for my use case, but it sure messes with the use of aliases and DDNS until you work around it.

        34d1e3ee-bb71-4e6a-a83e-5a7b510095ca-image.png

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.