NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

malacath's avatar
malacath
Aspirant
Apr 29, 2017
Solved

Netgear R7000 IPv6 ICMP Filtered

When going to http://ipv6-test.com/   The test only gives my 17/20   The reason is that ICMP is filtered which according to that site is a bad thing.   I know it is definately the router doing ...
  • TheEther's avatar
    Apr 29, 2017

    malacath wrote:

     

    Is this website correct?


    Yes.


    Is filtering ICMP really a problem?

    Will it cause problems when websites start going ipv6 only?


    It can be a problem.  IPv6 relies on something calling PMTUD (Path MTU Discovery) to work.  Blocking ICMPv6 prevents PMTUD from working.  Unfortunately, unblocking ICMPv6 has a downside.  It can expose your devices to a certain kind of DoS attack (atomic fragment attack).  This puts you in a "Damned if you do.  Damned if you don't." situation.  There is work ongoing in the IETF (the standards group for TCP/IP Protocols) to figure out how to fix this.

     

    In the meantime, you may find that things will work even without ICMPv6.  Consider yourself lucky.