Ipv6 firewall settings for BTHH5A as a modem

Hello Experts!

I am learning ipv6 and I have a couple of questions about firewall. I have a LinkSys EA8300 router for routing and a BTHH5A for connecting to DSL. Both devices have OW 23.05.3. The schematic is :

Lan-client --> LS-lan --> LS-wan --> BT-lan --> BT-wan --> internet ( via Sky-ONT )

I want to use the BTHH5A as a mere modem. I am confused about my firewall settings. Here are my questions about the BTHH5A modem.

  1. A static dhcp v4 lease on BT-lan points to LS-wan. I put a port forward rule for the incoming traffic form internet to BT-wan to redirect to the LS-wan's ipv4. This rule seems to work as I can connect ssh over two obscure ports opened on LS-wan.
    How do I accomplish this mission on ipv6 ? Does that make any sense ? I am stuck at firewall ipv6 port forward rules. There are a lot of internal addresses to forward the traffic to. Some of them are 2a02:* ( isp delegated ? ), fdbb:* (ula) and fe80:* (lla). Which one I choose? Ideally I want to forward to LS-wan, but its mac address does not appear in the offered list. How can I positively route the incoming ipv6 traffic to LS-wan ? For the time being I am redirecting to the DP of LS-wan6. Again, does that make any sense ?

  2. Who should answer the ping doorbell : What do I do with default traffic rules such as Allow-DHCP-Renew, Allow-Ping, Allow-IGMP, ... ? Should I delete these rules as they will be handled by downstream LS router? Or should I keep them so that the upstream isp router gets what it's looking for?

Your inputs are precious. :slight_smile: Thank you !

-Gamma

Oh boy,

I blame it on my ignorence! A tcpdump revealed many secrets.

Does that make any sense ?

No it doesn't make any sense. ipv6 does not work like ipv4.

Or should I keep them so that the upstream isp router gets what it's looking for?

I don't have to remove the basic security on the modem. Let it be as it is.

Thanks to the readers who endured my naivety.

-Gamma

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.