Ok.
So prior to now I didn’t have a product that would let me reliably use IPV6. I got a new 493G RouterBoard and have been setting up my Hurricane Electric tunnel. Running RouterOS 5.23
I’ve got IPV6 working, I can ping and view ipv6.google.com and v6.facebook.com and other sites, but if I run test-ipv6.com it passes
If I do a scan IPv6 Host from HE I get:
Starting Nmap 5.00 ( http://nmap.org ) at 2013-02-11 07:02 PST
Interesting ports on xx
Not shown: 993 closed ports
PORT STATE SERVICE
22/tcp open ssh
88/tcp open kerberos-sec
515/tcp open printer
548/tcp open afp
3689/tcp open rendezvous
5900/tcp open vnc
49152/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 34.10 seconds
Which means my software firewall on the computer is working and doing what I expect (I have those ports open). As best as I can tell, I’m good to go.
I did some searching, and I found one sample IPv6 firewall (http://forum.mikrotik.com/t/hairpin-nat-with-dynamic-wan-ip/56154/1), but if I enable it, traffic stops. I’m guessing I’m doing it wrong for now. Need to review the accept chains I’m pretty sure I goofed.
I was wondering if someone could answer what I think is a basic question. Ignoring the NAT as there is no NAT, would every other filter rule I do for IPv4 work for IPv6, meaning if I do everything 'the same way it would work the same way. Or is there anything new I should consider?
Also, using Autoconfigure I’m not getting DNS handed out (obviously). Are there any mechanisms to have the router advertise DNS servers?
Thanks