On 2015-06-26, Giancarlo Razzolini <grazzol...@gmail.com> wrote: > I've recently changed my ISP and they have native IPv6. My customer > premises equipment, which is a GPON, supports both stateless as DHCPv6 > on it's LAN interface. I want to put a OpenBSD firewall between this CPE > and my internal network.
So you have TWO networks. One between the CPE and your OpenBSD firewall, and one containing the firewall and your internal machines. > I'm using OpenBSD 5.7 stable. My CPE receive a > /64 prefix delegation from my ISP. So you get ONE network address. You can't use a single network address for two networks. This has nothing to do with IPv6. It's the same with IPv4. You can use private addresses for your internal network and run NAT on the firewall. Or you can configure your firewall as a bridge and filter there. http://www.openbsd.org/faq/faq6.html#Bridge -- Christian "naddy" Weisgerber na...@mips.inka.de
