0

I have a centos load balancer using piranha and direct routing. This uses arptables on the real servers to keep them from claiming the virtual ipv4 addresses. I would like to expand this setup to support ipv6 as well. So far, the only option I've found is to use the iptables solution instead of arptables with ip6tables and a TPROXY target, but I'm not sure that will work as well. Is there an arptables-like solution for neighbor discovery?

abatie
  • 93

1 Answers1

1

ARP is a separate protocol from IPv4 and therefore needs its own filter tables. Neighbour discovery is implemented using plain IPv6 with ICMPv6 messages, so you can use ip6tables to filter them.

Sander Steffann
  • 8,222