Protocol Filtering for IPv6

We have had our protocol filter set on all APs and SMs to block all IPv6, but we are now starting to do prefix delegation down to customer routers, so we need to allow IPv6 to pass.

What do you have set for your protocol filters? On the AP I’m blocking SMB, SNMP, All other IPv6 upstream and downstream and on the SM I’m blocking SMB, SNMP and Bootp Server upstream only.

This is tricky to test as I’m not sure if I mistakenly have something blocked or the customer router isn’t set up correctly. We do not manage the customer devices, that is up to their ISP and IPv6 is still a new game for us.

Note: we’ve found a bug introduced in 20.3 that we are investigating relating to IPv6 and upstream multicast. We are tracking it internally under CPY-17691. This was causing some routers to have difficulty connecting to the Internet. If you run into issues in this area, I’d recommend running 20.2.2.1. We’re looking into it and will be fixing it ASAP. Sorry I don’t have any more info than that on it at the moment.

We are still running 16.2.3. I did see what you mentioned in the release notes for 20.3

Thanks Charlie, would it be possible to backport this bug fix to the 16.x branch?

I would recommend 16.2.3.1.

This bug did not exist in the 16.X line. It was accidentally introduced in development of 20.3.
Even if it did, we are not making changes to the 16.X load line.

Regardless of needing to look at our firmware, any feedback on filters to allow the prefix delegation?

Charlie, the reason we are still on 16.2.3 is due to the existence of this bug that is not mentioned in 16.2.3 release notes but exists in 16.2.3.1:
CPY-16820 5 GHz 450m locks up until it is recovered by a power-cycle

The problem with our static release note process is that generally we don’t go back to edit the PDF with known issues. Personally I wish we just did online release notes like let’s say on a… wait for it… web page?!? hehe But I’m just a worker bee here, what do I know. 🙂

So all that to say, I do not think the issue you mention was introduced in 16.2.3.1 development. But rather was found during that development and listed in the current release’s notes, but I think it also exists on 16.2.3.

But if 16.2.3 is working for you then no problem at all.