IPv6 and /etc/resolv.conf
-
@Gertjan said in IPv6 and /etc/resolv.conf:
Humanity
hahaah - yeah I agree ipv6 is the future, etc. Problem is now that all the mobile stuff has been moved over to IPv6.. Stuff where there are billions of clients, etc. There is no financial push to move the rest.. You got some company that owns plenty of IPv4 space for their needs.. Why should should they move to IPv6, and not like they can just drop all their IPv4 space, etc.. There is no benefit for them - its money, its work, its time that they could be working on other things, etc..
Companies do not just invest in moving to something new, unless they are going to get something out of it.. Which currently that something is not really there other than they could get off the no IPv6 shame list ;)
My isp doesn't even offer IPv6 - and I have not heard any sort of even hint that its down the road, etc..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.03 | Lab VMs 2.7.2, 24.03 -
If I enable SLLAC I have to make new ACLs because devices all create temp addresses over managed it gets my assigned IPv6 no change with testing same result. IPv6 only ->to IPv6 sites nothing works no sites.
-
@johnpoz @Gertjan if you want to check out the pcap file it just says conflict
I do block DoH on known major players like wack a mole. So ignore that and QUIC is also blocked HTTP3. Thus DoH over HTTP3 is also blocked.
Outside of that it should work right?
It acts like the firewall can't respond to clients backwards
<---The 007 File Is now Gone--->
Client we are looking at is
2001:xxx.xxxx:a:192:168:1:5 ----> accessing [2001:xxx:xxxx:a:192:168:1:1]:3128That is the IPv6 only client it can't get web traffic with it set to use the IPv6 proxy ran same in pfSense Plus 24.03 and 23.05(my favorite version) they all do the same thing with Squid 6.6(version with security fixes) and or Squid 5.8 (old working version that has status page)
WARNING THIS MESSAGE WILL SELF DESTRUCT AFTER YOU READ THE PCAP
Please reply when you look at this so I can delete this file
-
@JonathanLee yeah that seems to this
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.03 | Lab VMs 2.7.2, 24.03 -
@johnpoz I never enabled that, maybe it is on by default for IPv6...
-
@johnpoz turned if off same results
-
@johnpoz
Maybe it’s because it’s HE tunnel and Squid doesn’t know what to do with the connections that connect to the IPv6 interface address?Does it require
acl localnet src fc00::/7 acl localnet src fe80::/10
