On 9/2/23 17:13, Anssi Saari wrote:
If forwarding is not enabled, then the LAN IPv6 hosts are just as
isolated from incoming traffic from the internet as hosts behind NAT.
If you don't have IPv6 forwarding on the router then none of your
internal hosts will be able to communicate on IPv6 beyond your router.
Unless you use NAT of course, or in certain circumstances a protocol proxy.
with ip6tables it's dead easy to block unsolicited connections yet still
allow outgoing and incoming related/established traffic.
Off topic I noticed my IPv4 SIP phone wasn't receiving incoming calls
all the time. After investigation I found the (IPv4 NAT) iptables setup
had a short timeout for related/established traffic. In my case the
phone was registering every 2 hours which was too long. I dropped that
to 2 minutes and my incoming call problems went away
Jeremy
