Ipv6 firewall settings for BTHH5A as a modem

Hello Experts!

I am learning ipv6 and I have a couple of questions about firewall. I have a LinkSys EA8300 router for routing and a BTHH5A for connecting to DSL. Both devices have OW 23.05.3. The schematic is :

Lan-client --> LS-lan --> LS-wan --> BT-lan --> BT-wan --> internet ( via Sky-ONT )

I want to use the BTHH5A as a mere modem. I am confused about my firewall settings. Here are my questions about the BTHH5A modem.

  1. A static dhcp v4 lease on BT-lan points to LS-wan. I put a port forward rule for the incoming traffic form internet to BT-wan to redirect to the LS-wan's ipv4. This rule seems to work as I can connect ssh over two obscure ports opened on LS-wan.
    How do I accomplish this mission on ipv6 ? Does that make any sense ? I am stuck at firewall ipv6 port forward rules. There are a lot of internal addresses to forward the traffic to. Some of them are 2a02:* ( isp delegated ? ), fdbb:* (ula) and fe80:* (lla). Which one I choose? Ideally I want to forward to LS-wan, but its mac address does not appear in the offered list. How can I positively route the incoming ipv6 traffic to LS-wan ? For the time being I am redirecting to the DP of LS-wan6. Again, does that make any sense ?

  2. Who should answer the ping doorbell : What do I do with default traffic rules such as Allow-DHCP-Renew, Allow-Ping, Allow-IGMP, ... ? Should I delete these rules as they will be handled by downstream LS router? Or should I keep them so that the upstream isp router gets what it's looking for?

Your inputs are precious. :slight_smile: Thank you !


Oh boy,

I blame it on my ignorence! A tcpdump revealed many secrets.

Does that make any sense ?

No it doesn't make any sense. ipv6 does not work like ipv4.

Or should I keep them so that the upstream isp router gets what it's looking for?

I don't have to remove the basic security on the modem. Let it be as it is.

Thanks to the readers who endured my naivety.


This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.