Project

General

Profile

Actions

Feature #6626

closed

Support for IPv6 firewall entries with dynamic delegated prefix and static host address

Added by Michael Virgilio over 5 years ago. Updated 4 months ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Rules / NAT
Target version:
Start date:
07/18/2016
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
21.05
Release Notes:
Default

Description

When using an ISP with dynamic prefix delegation, the prefix may change at any time, resulting in a change of the IP address of a host. A mechanism needs to be added to the firewall rule setup that allows the prefix of an interface to be dynamically updated should it change on the interface, while still allowing the host portion of the address to be static. This way firewall rules for a host can be updated automatically, allowing it to retain access in the event of a prefix change.

One possible way to do this would be to add an item to the Destination drop-down (i.e. LAN Prefix) and allow the host portion of the address to be entered into the text box.

Another possible way would be to have a token that could be entered into the Address box, that is replaced with the prefix during rule generation.

However this is implemented, validation should reject the rule with an error if the protocol is IPv4 or IPv4+IPv6.

My personal preference would be the drop-down box, but I leave this decision to whoever is implementing this feature.

Actions

Also available in: Atom PDF