PF vs. ping6

Colin Brace cb at
Fri Feb 22 00:14:57 UTC 2008

Hi all,

I am trying to set up a IPv6 tunnel following the instructions in the
handbook <>.
aiccu starts ok:

# sixxs-aiccu start
Tunnel Information for T14342:
POP Id      : nlams05
IPv6 Local  : xxxxxxxxxxxxxxxxx2/64
IPv6 Remote : xxxxxxxxxxxxxxxxx1/64
Tunnel Type : 6in4-heartbeat
Adminstate  : enabled
Userstate   : enabled

I can ping6 localhost, I can ping6 the tunnel begin point (local), but
I can't ping6 the (remote) end point. Firing up tcpdump, I see that
the firewall is blocking the ping packets.

I have these (provisional) rules at the top of the filter section in PF:

pass quick on fxp0 inet6 # ext if
pass quick on gif0 inet6

to no avail; PF is still blocking ping6. Am I missing something here?

 Colin Brace

