On Nov 26, 2020, at 6:18 PM, Keith Halewood
<Keith.Halewood at pitbulluk.org> wrote:
I can't wait to try it out..... except that I bought a new Cisco small business
router (RV340W) and this has introduced a whole load of IPv6 woes.
LAN -> WAN initiated calls work fine...... except that windows hosts eventually forget
the link-level address of the router and the router itself throws up something worrying in
its logs about being unable to advertise the router address.
WAN -> LAN initiated calls don't work at all. They don't even get as far as
tickling an access rule's logging setting.
I'm really annoyed that changing any firewall rules (v4 or v6) causes all stateful
connectivity to be forgotten and everything is dropped. Even Draytek Vigors didn't do
this unless the rule change was pertinent to particular connections.
What really really annoys me is some linux daemons (DHCP server) being terminated and
restarted every 15 minutes or so.... almost as though it's a quick a dirty fix to some
sort of bug they couldn't figure out.
Sorry for the rant. I just remember when Cisco and quality appeared to be two different
spellings for the same concept. I'm sorely tempted to roll my own. After all, who
needs a UI?!?
I've never used Cisco equipment, so I can't comment on that angle. Instead,
I've used Linux for firewall and NAT and other duties for at least 10 years, with
excellent results. For years now that system has also been a public subversion server
(that's the one where pydecnet lives). About a month ago I upgraded it from CantOS
6-ish to Fedora Core 32. For robustness it runs on a fanless "industrial" PC
with SSDs, so there are zero moving parts involved and dust isn't a concern either.
paul