ipv6 network fail (newbie alert)

Philipp Kern phil at philkern.de
Fri Mar 15 09:58:14 CET 2013


On Fri, Mar 15, 2013 at 06:42:21PM +1000, Nick Edwards wrote:
> Type 2, I concede, but type 1, I do not , defeats purpose of drop from
> my reading.

Given that you're talking about INPUT… if you don't want to be notified that
the host isn't actually reachable, you deserve your timeouts.

(You didn't specify any conntrack rules, not sure if they'll DTRT.)

Kind regards
Philipp Kern



More information about the ipv6-ops mailing list