Hi, I'm new to ipv6 and have it working until I set up some firewall rules. Then my devices don't get an ipv6 address.
I want to block all input to the router except a specific /64 network. Still ip advertising should work.
these are my firewall rules:
/ipv6 firewall filter
add action=accept chain=input comment="Allow from mgmt networks" src-address-list=mgmt
add action=accept chain=input comment="Allow established,related" connection-state=established,related
add action=accept chain=input comment="Accept DHCPv6-client prefix delegation" dst-port=546 protocol=udp \
src-address=fe80::/10
add action=drop chain=input comment="Default drop"
add action=accept chain=forward connection-state=established,related
add action=drop chain=forward comment="Drop all from wan" in-interface=to-meterkast-router-pppoe
If I add this rule ip advertising is working. But I don't want to give all devices access to the router. So this rule should be altered so only advertising is allowed.
add action=accept chain=input src-address=fe80::/10
Is ip advertising working on a specific protocol or port?