On Wednesday 2011-02-02 00:00, Guido Winkelmann wrote: >On Tuesday 01 February 2011 22:38:49 you wrote: > >>that each VPS can only use the IP and MAC addresses >>assigned to them. >>With IPv6, does anyone have any experience on how to do this? I >>know we can use ip6tables, but isn't there some trickery with NDP >>(Which replaces ARP)? > >There shouldn't be, just as long as you only filter on the source >address of outgoing packets, and not on the destination of incoming >ones. The NDP request packets go to weird multicast addresses That "weird multicast address" is just broadcast so to speak, there is nothing weird about it. >Answer packets for NDP always have a valid IPv6 address from the answering >host as their source address. Also, they're IPv6 packets like any other and >not a separate protocol as with ARP+IPv4. >Note that hosts using IPv6 will usually have at least two autoconfigured >addresses Can you back up this statement? -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html