Allow DHCP6 through firewall?

Unanswered Question
Aug 28th, 2013
User Badges:

I'm looking for a quick-n-dirty of what needs to be allowed to pass through a firewall for DHCP6 to work. I know DHCP6 uses UDP546 on the client and UDP547 on the server. I also believe that there is some important ICMP traffic, but allowing all ipv6-icmp from the DHCP server isn't cutting the mustard. I have RFC 3315 open, but... well, it's an RFC, and my head is already hurting.



Specifically, I want to get this working with OSX 'Mountain Lion' and ip6fw.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Harold Ritter Wed, 08/28/2013 - 10:35
User Badges:
  • Cisco Employee,

Hi,


I am not sure what icmp messages you were referring to. Allowing udp 546 to udp 547 and vice versa should suffice for dhcpv6 to work.


Regards

cadet alain Thu, 09/05/2013 - 05:37
User Badges:
  • Purple, 4500 points or more

Hi,

The ICMP messages you're talking about are for  IPv6 ND features like NS/NA or RS/RA but not for DHCPv6.


Regards


Alain



Don't forget to rate helpful posts.

Harold Ritter Thu, 09/05/2013 - 05:58
User Badges:
  • Cisco Employee,

Hi Alain,


These ICMPv6 messages are exchanged on the local subnet and will not traverse the FW unless it runs in transparent mode.


Regards

cadet alain Thu, 09/05/2013 - 07:45
User Badges:
  • Purple, 4500 points or more

Hi Harold,

Yes you're correct I should have mentioned the mode had to be transparent, my bad.


Regards


Alain


Don't forget to rate helpful posts.

Actions

This Discussion

Related Content