UFW block dhclient for ipv6





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







0















I have setup ufw and now I'm tring to setup IPv6 using dhclient:



interface "eth0" {

   send dhcp6.client-id DUID;

}


When ufw is enabled it blocks dchp for ipv6, when i disable ufw, all is OK and dhcp starts fine.



ufw allow from any port 547 to any port 546 proto udp that help, but is that corect decision?






16.04 networking server ufw







share|improve this question

























  • Hello and welcome to AskUbuntu! Can you share your ufw configuration? The question as is it's too broad/vague?

    – Mr Shunz
    Feb 12 at 9:34











  • ufw allow from any port 547 to any port 546 proto udp that helps. or that isn't correct ?

    – Beliaf
    Feb 12 at 10:30


















0















I have setup ufw and now I'm tring to setup IPv6 using dhclient:



interface "eth0" {

   send dhcp6.client-id DUID;

}


When ufw is enabled it blocks dchp for ipv6, when i disable ufw, all is OK and dhcp starts fine.



ufw allow from any port 547 to any port 546 proto udp that help, but is that corect decision?






16.04 networking server ufw







share|improve this question

























  • Hello and welcome to AskUbuntu! Can you share your ufw configuration? The question as is it's too broad/vague?

    – Mr Shunz
    Feb 12 at 9:34











  • ufw allow from any port 547 to any port 546 proto udp that helps. or that isn't correct ?

    – Beliaf
    Feb 12 at 10:30














0












0








0








I have setup ufw and now I'm tring to setup IPv6 using dhclient:



interface "eth0" {

   send dhcp6.client-id DUID;

}


When ufw is enabled it blocks dchp for ipv6, when i disable ufw, all is OK and dhcp starts fine.



ufw allow from any port 547 to any port 546 proto udp that help, but is that corect decision?






16.04 networking server ufw







share|improve this question
















I have setup ufw and now I'm tring to setup IPv6 using dhclient:



interface "eth0" {

   send dhcp6.client-id DUID;

}


When ufw is enabled it blocks dchp for ipv6, when i disable ufw, all is OK and dhcp starts fine.



ufw allow from any port 547 to any port 546 proto udp that help, but is that corect decision?






16.04 networking server ufw




16.04 networking server ufw






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 12 at 10:41







Beliaf

















asked Feb 12 at 7:41









BeliafBeliaf

32




32













  • Hello and welcome to AskUbuntu! Can you share your ufw configuration? The question as is it's too broad/vague?

    – Mr Shunz
    Feb 12 at 9:34











  • ufw allow from any port 547 to any port 546 proto udp that helps. or that isn't correct ?

    – Beliaf
    Feb 12 at 10:30



















  • Hello and welcome to AskUbuntu! Can you share your ufw configuration? The question as is it's too broad/vague?

    – Mr Shunz
    Feb 12 at 9:34











  • ufw allow from any port 547 to any port 546 proto udp that helps. or that isn't correct ?

    – Beliaf
    Feb 12 at 10:30

















Hello and welcome to AskUbuntu! Can you share your ufw configuration? The question as is it's too broad/vague?

– Mr Shunz
Feb 12 at 9:34





Hello and welcome to AskUbuntu! Can you share your ufw configuration? The question as is it's too broad/vague?

– Mr Shunz
Feb 12 at 9:34













ufw allow from any port 547 to any port 546 proto udp that helps. or that isn't correct ?

– Beliaf
Feb 12 at 10:30





ufw allow from any port 547 to any port 546 proto udp that helps. or that isn't correct ?

– Beliaf
Feb 12 at 10:30










1 Answer
1






active

oldest

votes


















0














You have your ports swapped. If ufw is running on the dhcpv6 server, you should allow from port 546 to port 547:



sudo ufw allow from any port 546 to any port 547 proto udp


Your rule is valid for a dhcpv6 client. Please check that IPv6=yes is in /etc/default/ufw, too. I can't remember if it's enabled by default.



Also, I suggest you configure explicit multicast IPv6 adresses (fe00::/7) instead of any:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp


If your server is itself a DHCPv6 client (i.e. it gets its prefix delegation from a router), you should keep the original rule, too:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp

sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546 proto udp


Remember, a DHCPv6 Client initiate the connection from port 546 to port 547 via a multicast address in the range fe00::/7.






share|improve this answer


























  • /etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

    – Beliaf
    Feb 12 at 10:52











  • sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

    – Beliaf
    Feb 12 at 10:52











  • @Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

    – Mr Shunz
    Feb 12 at 10:54











  • ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

    – Beliaf
    Feb 12 at 10:56













  • cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

    – Beliaf
    Feb 12 at 10:57












Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1117589%2fufw-block-dhclient-for-ipv6%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














You have your ports swapped. If ufw is running on the dhcpv6 server, you should allow from port 546 to port 547:



sudo ufw allow from any port 546 to any port 547 proto udp


Your rule is valid for a dhcpv6 client. Please check that IPv6=yes is in /etc/default/ufw, too. I can't remember if it's enabled by default.



Also, I suggest you configure explicit multicast IPv6 adresses (fe00::/7) instead of any:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp


If your server is itself a DHCPv6 client (i.e. it gets its prefix delegation from a router), you should keep the original rule, too:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp

sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546 proto udp


Remember, a DHCPv6 Client initiate the connection from port 546 to port 547 via a multicast address in the range fe00::/7.






share|improve this answer


























  • /etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

    – Beliaf
    Feb 12 at 10:52











  • sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

    – Beliaf
    Feb 12 at 10:52











  • @Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

    – Mr Shunz
    Feb 12 at 10:54











  • ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

    – Beliaf
    Feb 12 at 10:56













  • cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

    – Beliaf
    Feb 12 at 10:57
















0














You have your ports swapped. If ufw is running on the dhcpv6 server, you should allow from port 546 to port 547:



sudo ufw allow from any port 546 to any port 547 proto udp


Your rule is valid for a dhcpv6 client. Please check that IPv6=yes is in /etc/default/ufw, too. I can't remember if it's enabled by default.



Also, I suggest you configure explicit multicast IPv6 adresses (fe00::/7) instead of any:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp


If your server is itself a DHCPv6 client (i.e. it gets its prefix delegation from a router), you should keep the original rule, too:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp

sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546 proto udp


Remember, a DHCPv6 Client initiate the connection from port 546 to port 547 via a multicast address in the range fe00::/7.






share|improve this answer


























  • /etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

    – Beliaf
    Feb 12 at 10:52











  • sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

    – Beliaf
    Feb 12 at 10:52











  • @Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

    – Mr Shunz
    Feb 12 at 10:54











  • ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

    – Beliaf
    Feb 12 at 10:56













  • cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

    – Beliaf
    Feb 12 at 10:57














0












0








0







You have your ports swapped. If ufw is running on the dhcpv6 server, you should allow from port 546 to port 547:



sudo ufw allow from any port 546 to any port 547 proto udp


Your rule is valid for a dhcpv6 client. Please check that IPv6=yes is in /etc/default/ufw, too. I can't remember if it's enabled by default.



Also, I suggest you configure explicit multicast IPv6 adresses (fe00::/7) instead of any:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp


If your server is itself a DHCPv6 client (i.e. it gets its prefix delegation from a router), you should keep the original rule, too:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp

sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546 proto udp


Remember, a DHCPv6 Client initiate the connection from port 546 to port 547 via a multicast address in the range fe00::/7.






share|improve this answer















You have your ports swapped. If ufw is running on the dhcpv6 server, you should allow from port 546 to port 547:



sudo ufw allow from any port 546 to any port 547 proto udp


Your rule is valid for a dhcpv6 client. Please check that IPv6=yes is in /etc/default/ufw, too. I can't remember if it's enabled by default.



Also, I suggest you configure explicit multicast IPv6 adresses (fe00::/7) instead of any:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp


If your server is itself a DHCPv6 client (i.e. it gets its prefix delegation from a router), you should keep the original rule, too:



sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp

sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546 proto udp


Remember, a DHCPv6 Client initiate the connection from port 546 to port 547 via a multicast address in the range fe00::/7.







share|improve this answer














share|improve this answer



share|improve this answer








edited Feb 12 at 11:03

























answered Feb 12 at 10:43









Mr ShunzMr Shunz

2,49131922




2,49131922













  • /etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

    – Beliaf
    Feb 12 at 10:52











  • sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

    – Beliaf
    Feb 12 at 10:52











  • @Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

    – Mr Shunz
    Feb 12 at 10:54











  • ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

    – Beliaf
    Feb 12 at 10:56













  • cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

    – Beliaf
    Feb 12 at 10:57



















  • /etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

    – Beliaf
    Feb 12 at 10:52











  • sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

    – Beliaf
    Feb 12 at 10:52











  • @Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

    – Mr Shunz
    Feb 12 at 10:54











  • ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

    – Beliaf
    Feb 12 at 10:56













  • cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

    – Beliaf
    Feb 12 at 10:57

















/etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

– Beliaf
Feb 12 at 10:52





/etc/default/ufw IPv6=yes but in uf.conf there isn't such configuration

– Beliaf
Feb 12 at 10:52













sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

– Beliaf
Feb 12 at 10:52





sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp i allowed 547 to 546, need vice versa?

– Beliaf
Feb 12 at 10:52













@Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

– Mr Shunz
Feb 12 at 10:54





@Beliaf exactly. Server uses port 547 and client 546, i.e. Client initiate the request from port 546 to port 547.

– Mr Shunz
Feb 12 at 10:54













ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

– Beliaf
Feb 12 at 10:56







ah ok, so i need add 2 rulse sudo ufw allow from fe00::/7 port 546 to fe00::/7 port 547 proto udp and sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp correct?

– Beliaf
Feb 12 at 10:56















cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

– Beliaf
Feb 12 at 10:57





cause if i remove sudo ufw allow from fe00::/7 port 547 to fe00::/7 port 546proto udp dhcp don't start and i have error PRC: Depreference scheduled in 1836 seconds. PRC: Expiration scheduled in 37836 seconds.

– Beliaf
Feb 12 at 10:57


















draft saved

draft discarded




















































Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1117589%2fufw-block-dhclient-for-ipv6%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Human spaceflight

Image
Human spaceflight From Wikipedia, the free encyclopedia Jump to navigation Jump to search "Space traveler" redirects here. For other uses, see Space traveler (disambiguation). @media all and (max-width:720px){.mw-parser-output .tmulti>.thumbinner{width:100%!important;max-width:none!important}.mw-parser-output .tmulti .tsingle{float:none!important;max-width:none!important;width:100%!important;text-align:center}} Apollo 11 crewmember Buzz Aldrin on the Moon, 1969 International Space Station crewmember Tracy Caldwell Dyson views the Earth, 2010 Space Shuttle Discovery heads into space with a crew aboard, STS-121 in 2006 Inside a space suit on the Canadarm, 1993 Human spaceflight (also referred to as crewed spaceflight or manned spaceflight ) is space travel with a crew or passengers aboard the spacecraft. Spacecraft carrying people may be operated directly, by human crew, or it may be e
Read more

Can not write log (Is /dev/pts mounted?) - openpty in Ubuntu-on-Windows?

Image
0 1 What exactly does the error message beginning with E: mean? I assume it has to do with the file structure on Ubuntu-on-Windows, but what exactly? The following package was automatically installed and is no longer required: os-prober Use 'apt-get autoremove' to remove it. The following extra packages will be installed: libxslt1.1 The following NEW packages will be installed: libxslt1.1 xmlstarlet 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 435 kB of archives. After this operation, 1023 kB of additional disk space will be used. Get:1 http://archive.ubuntu.com/ubuntu/ trusty/main libxslt1.1 amd64 1.1.28-2build1 [145 kB] Get:2 http://archive.ubuntu.com/ubuntu/ trusty/universe xmlstarlet amd64 1.5.0-1 [290 kB]
Read more

File:DeusFollowingSea.jpg

Image
File:DeusFollowingSea.jpg From Wikipedia, the free encyclopedia Jump to navigation Jump to search File File history File usage No higher resolution available. DeusFollowingSea.jpg ‎ (238 × 211 pixels, file size: 12 KB, MIME type: image/jpeg ) Summary [ edit ] Media data and Non-free use rationale Description Cover art of the Deus CD Following Sea Author or copyright owner Deus Source (WP:NFCC#4) rocksucker.co.uk Date of publication 2012 Use in article (WP:NFCC#7) Following Sea Purpose of use in article (WP:NFCC#8) to serve as the primary means of visual identification at the top of the article dedicated to the work in question. Not replaceable with free media because (WP:NFCC#1) n.a. Minimal use (WP:NFCC#3) Low res image used in infobox of the article on the album Respect for commercial opportunities (WP:NFCC#2) n.a. Fair use Fair use of co
Read more