ipv6 keep state on ipv6 ftp connections problem
C4INet lists
lists at c4inet.net
Thu Mar 18 06:03:37 PST 2004
Hi all,
I've now found the reason for the problems with ipv6 ftp transmissions. It seems to be a problem with pf and the "keep state" argument.
The problem was that a ipv6 ftp download would stall after ~60 kBytes transmitted. pfctl -ss showed the TCP stream(s) as CLOSED:SYN SENT.
The box running pf is a DSL router/ v6 tunnel endpoint, running RELENG_5_1 and pf-2.03.
The offending pf.conf rules:
pass out on gif0 inet6 all keep state
pass in on gif0 inet6 all keep state
After removing the "keep state" argument, everything worked. Strangely, this seemed to only affect traffic from other hosts on the network, traffic originating on the router worked fine.
rgds,
Sascha
More information about the freebsd-net
mailing list