- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Netgear R7000 IPv6 ICMP Filtered
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
When going to http://ipv6-test.com/
The test only gives my 17/20
The reason is that ICMP is filtered which according to that site is a bad thing.
I know it is definately the router doing the filtering because I know how to stop windows filtering it and android doesn't filter it by default.
I have looked in the router interface settings and cannot find any setting that will stop ICMPv6 being filtered.
Is this website correct?
Is filtering ICMP really a problem?
Will it cause problems when websites start going ipv6 only?
I have owned the router a few months now and it would be the perfect router if it wasn't for this website saying ICMP filtering is a problem.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
malacath wrote:
Is this website correct?
Yes.
Is filtering ICMP really a problem?
Will it cause problems when websites start going ipv6 only?
It can be a problem. IPv6 relies on something calling PMTUD (Path MTU Discovery) to work. Blocking ICMPv6 prevents PMTUD from working. Unfortunately, unblocking ICMPv6 has a downside. It can expose your devices to a certain kind of DoS attack (atomic fragment attack). This puts you in a "Damned if you do. Damned if you don't." situation. There is work ongoing in the IETF (the standards group for TCP/IP Protocols) to figure out how to fix this.
In the meantime, you may find that things will work even without ICMPv6. Consider yourself lucky.
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
malacath wrote:
Is this website correct?
Yes.
Is filtering ICMP really a problem?
Will it cause problems when websites start going ipv6 only?
It can be a problem. IPv6 relies on something calling PMTUD (Path MTU Discovery) to work. Blocking ICMPv6 prevents PMTUD from working. Unfortunately, unblocking ICMPv6 has a downside. It can expose your devices to a certain kind of DoS attack (atomic fragment attack). This puts you in a "Damned if you do. Damned if you don't." situation. There is work ongoing in the IETF (the standards group for TCP/IP Protocols) to figure out how to fix this.
In the meantime, you may find that things will work even without ICMPv6. Consider yourself lucky.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 IPv6 ICMP Filtered
Thanks for the info.
Sounds like it's nothing to worry about for now?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 IPv6 ICMP Filtered
You may be lucky and everything works. Or you may find that certain destinations are unreachable.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: Netgear R7000 IPv6 ICMP Filtered
Who is your service provider? My ICMP wasn't working. Turns out it was due to ATT's RG. Even in passthrough/DMZ+ mode, their RG blocks protocol 41 and cripples IPV6. If you bypass their RG using a VLAN switch, you can have your router's WAN directly connected to the ONT. Using this method with proper 6RD settings makes it work. ICMP is reachable now. I get 19/20 now. The only reason I'm not getting 20/20 is due to the lack of RDNS for ATT.
• Introducing NETGEAR WiFi 7 Orbi 770 Series and Nighthawk RS300
• What is the difference between WiFi 6 and WiFi 7?
• Yes! WiFi 7 is backwards compatible with other Wifi devices? Learn more