Enabling Ipv6 Advertisements - D-Link NetDefendOS User Manual

Example 3.12. Enabling IPv6 Advertisements
This example enables IPv6 advertisements on the wan Ethernet interface.
Command-Line Interface
gw-world:/> set Interface Ethernet wan EnableRouterAdvertisement=Yes
Web Interface
1. Go to: Network > Interfaces and VPN > Ethernet > wan
2. Go to: Advanced and enable the option: Enable router advertisement for this interface
3. Click OK
Enabling ICMP Error Pass Through
Unlike IPv4, fragmentation of IPv6 packets is only done by the originating host using the host's
selection of MTU size. Should the packets then encounter network equipment that cannot
handle the chosen MTU size, ICMP error messages are sent back to the originating host to
indicate that the MTU must be reduced and the packets resent.
For this reason, it is recommended to always enable the Pass returned ICMP errors messages
from destination property for any Service object used with an IP rule or IP policy for IPv6 traffic.
An alternative to this is to set up IP rules or policies which explicitly allow the ICMP error
messages in both directions.
The exception to this is if the MTU is initially set to 1280 which is the minimum MTU supported
by IPv6. In this case, there is no need for ICMP error messages to be passed since they will not
occur.
IPv6 Neighbor Discovery
IPv6 Neighbor Discovery (ND) is the IPv6 equivalent of the IPv4 ARP protocol.
When IPv6 is enabled for a given Ethernet interface, NetDefendOS will respond to any IPv6
Neighbor Solicitations (NS) sent to that interface with IPv6 Neighbor Advertisements (NA) for the
IPv6 address configured for that interface. NetDefendOS will also respond with neighbor
advertisements for any networks configured using Proxy Neighbor Discovery.
Proxy Neighbor Discovery
The IPv6 feature of Proxy Neighbor Discovery (Proxy ND) in NetDefendOS functions in the same
way as Proxy ARP does with IPv4 (described in Section 4.2.6, "Proxy ARP"). There are two ways of
enabling proxy ND:
A. Directly publish an address on an interface.
This is done in exactly the same way as ARP publish by setting option on an Ethernet
interface. Both the options Publish and Xpublish are supported for IPv6. These options are
explained in Section 3.5.3, "ARP Publish".
160
Chapter 3: Fundamentals