My NOS router just recently got IPv6, however, it seems there is a hidden firewall somewhere that I haven’t been able to disable.
My machine has DHCP enabled and receives a NATed IPv4 address and global IPv6 address from the NOS router. On the machine I have nftables installed and only allow ICMPv6 and tcp 22 (have password login disabled for ssh).
When I ping various devices with global IPv6 address from behind the NOS router, with the destination another device behind the router, I am able to ping the global IPv6 addresses when the connection stays on the local lan.
From the devices with global IPv6 address provided by NOS, when I ping public IPv6 DNS servers, I am able to reach them.
Now the issue; when I login to an external server and try to ping the global IPv6 address of one of the devices behind the NOS router, I am unable to reach them.
traceroute6 does indicate that one of the last hops is if-bundle-4-2.qhar1.epcp1-porto.ipv6.as6453.net
My problem statement; I understand I was sold internet without IPv6 and it is just recently enabled. It’s still not fully implemented as it’s not doing bidirectional routing. I don’t know what and how you implemented it, but it’s more complicated than needed since by default, internet traffic flows both directions.
Question? Will I get IPv6 in the future automatically? Did you intentionally mess with the routing? Or put a firewall in the router, but the UI to configure this is not implemented yet? Will it be solved if I bring my own router and put it in bridge-mode?
