Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Lots of discarded IPv6 packets in firewall log.

Hi all,

Started to have this issue the last day in the office 30mins before i left for the weekend.

Basically our network has been going very slow and i have lots of this in the firewall..... like non stop. Am i right to believe fe80: is internally originated?

We have had some 3rd party work on the site. any ideas?

We don't have any ipv6 scopes defined in dhcp on the XGS or have any ipv6 addresses on any of our interfaces.

What's the best cause of action here to find the issue?

thanks



Added TAGs
[edited by: Erick Jan at 11:51 PM (GMT -8) on 3 Nov 2024]
Parents
  • Maybe, there are (new) IPv6 enabled device(s) on your network.
    These try to do multicast-dns  (UDP5355) or netbios (135) using multicast-destination-IPs (ff02:) ... absolutely normal for IPv6.
    But there may be a malfunction and some IPv6 device play "ping-pong" with the packets ... resulting in a packet-storm.
    Take a look to the interface load at one device within the LAN.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • Maybe, there are (new) IPv6 enabled device(s) on your network.
    These try to do multicast-dns  (UDP5355) or netbios (135) using multicast-destination-IPs (ff02:) ... absolutely normal for IPv6.
    But there may be a malfunction and some IPv6 device play "ping-pong" with the packets ... resulting in a packet-storm.
    Take a look to the interface load at one device within the LAN.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data