AJSG1969
just joined
Topic Author
Posts: 5
Joined: Sun Oct 15, 2017 11:18 am

ipv6 6in4 ISATAP traffic block

Fri Feb 23, 2018 2:38 pm

I currently rely on a Pi-Hole enabled device to manage white/blacklists within the network. However, ipv6 traffic seems to be very high and the Pi-Hole struggles to identify it.

Is there a simple way at the router level to disable ipv6 tunnelling? I have read about 6in4 weaknesses and dangers, and looking at the traffic it seems to be exclusively used by advertising sites/tag management/etc., which escape the ipv4 whitelist in the Pi-Hole.

Thank you.

CCR1016
Current Firmware 3.27
RouterOS 6.41
WinBox
 
sebastia
Forum Guru
Posts: 1782
Joined: Tue Oct 12, 2010 3:23 am
Location: Antwerp, BE

Re: ipv6 6in4 ISATAP traffic block

Sat Feb 24, 2018 11:03 am

Hi

6in4 goes over protocol 41. If you don't want it, don't allow protocol 41 over your routers.
 
sebastia
Forum Guru
Posts: 1782
Joined: Tue Oct 12, 2010 3:23 am
Location: Antwerp, BE

Re: ipv6 6in4 ISATAP traffic block

Sat Feb 24, 2018 11:39 am

On the security aspect, which "weaknesses and dangers" are you referring to?
The dangers of 6in4 are the same as in native ipv6: injection, spoofing, ... Nothing new here.

Please remember that 6to4 is a different thing than 6in4.
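
The protocol 41 traffic discussed in this thread can be identified and told apart on the wire. The following is an added example, not part of the original posts: a Python classifier that takes a raw IPv4 packet, checks for protocol 41, and labels the inner IPv6 traffic as 6in4, 6to4 (2002::/16) or ISATAP (interface ID starting 0000:5efe or 0200:5efe). The function names and the sample packets, built from documentation address ranges, are constructed for illustration.

```python
import ipaddress
import struct

PROTO_41 = 41  # IPv4 protocol number carrying encapsulated IPv6
ISATAP_IID = (b"\x00\x00\x5e\xfe", b"\x02\x00\x5e\xfe")  # RFC 5214 interface-ID prefix

def classify_tunnel(packet: bytes):
    """Return None for non-protocol-41 IPv4 packets, else a dict describing the tunnel."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4           # IPv4 header length in bytes
    if ihl < 20 or packet[9] != PROTO_41:
        return None
    inner = packet[ihl:]
    if len(inner) < 40 or inner[0] >> 4 != 6:
        return {"kind": "malformed"}       # protocol 41 without a full IPv6 header
    src6, dst6 = inner[8:24], inner[24:40]
    kind = "6in4"                          # default: plain configured tunnel
    if any(a[:2] == b"\x20\x02" for a in (src6, dst6)):
        kind = "6to4"                      # 2002::/16 embeds an IPv4 address (RFC 3056)
    elif any(a[8:12] in ISATAP_IID for a in (src6, dst6)):
        kind = "ISATAP"
    return {
        "kind": kind,
        "outer": (str(ipaddress.IPv4Address(packet[12:16])),
                  str(ipaddress.IPv4Address(packet[16:20]))),
        "inner": (str(ipaddress.IPv6Address(src6)), str(ipaddress.IPv6Address(dst6))),
    }

def build_sample(outer_src, outer_dst, inner_src, inner_dst, proto=PROTO_41):
    """Constructed sample: 20-byte IPv4 header (checksum left 0) plus a bare IPv6 header."""
    v4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 60, 0, 0, 64, proto, 0,
                     ipaddress.IPv4Address(outer_src).packed,
                     ipaddress.IPv4Address(outer_dst).packed)
    v6 = struct.pack("!IHBB16s16s", 0x60000000, 0, 59, 64,
                     ipaddress.IPv6Address(inner_src).packed,
                     ipaddress.IPv6Address(inner_dst).packed)
    return v4 + v6

if __name__ == "__main__":
    # Constructed packets using documentation address ranges.
    for inner_src in ("2001:db8:1::1", "2002:c000:20a::1", "fe80::5efe:c000:20a"):
        pkt = build_sample("192.0.2.10", "198.51.100.1", inner_src, "2001:db8:2::2")
        print(classify_tunnel(pkt))
```
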
