Hello, > SNAT([2600:yyyy:yyyy:zzzz::53]) [2600:yyyy:yyyy:yyyy::]/64 enp2s0 > > with that, you should now see the 'echo reply'.
Wow, that worked! I just assumed that since I wasn't seeing DROP/REJECT of packets, that I didn't have a problem like that. Never thought that the packets weren't even getting back. So with this I end up with NAT'd IPv6. Which I thought you weren't supposed to do. But I guess if I'm going to have private internal IPv6 addresses, either static &/or delegated, then I have to do this somehow. I keep thinking there's a routing solution that solves this, but I can't figure it out. And your NAT suggestion does fix it for now. I checked speedtests, and even with the IPv6 NATing like above my IPv6 up/down speeds checked @DESKTOP are ~25% better than IPv4. I'll take that. Thanks! Thad _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
