On Fri, 2010-02-26 at 09:20 -0800, mattmcadoo at mattmcadoo dot com wrote:
> > On Thu, 2010-02-25 at 15:55 -0800, mattmcadoo at mattmcadoo dot com wrote:
> >> I have a /64 block of IPv6 addresses from my ISP and am having a hell of
> >> a
> >> time to get it working.  For the sake of example, my block is
> >> 2001:aaaa:bbbb:cccc::/64 and the gateway is 2001:aaaa:bbbb:cccc::1 (all
> >> the info that was given by my ISP)
> >
> > Unless I'm terribly confused (and I could be, I'm a v6 beginner, though
> > I do have my network up and v6 connected), you can't actually subnet
> > a /64.  The first 64 bits are a network prefix, and the last 64 bits are
> > the host portion, typically populated using the MAC of the interface.
> >
> > If you want subnets, you need a /64 for the firewall, and then a routed
> > subnet (/48 is 'standard', but some places allocate /56's or even /60's)
> > for the LAN.
> >
> > Brett.
> >
> 
> I'm not trying to subnet anything, I just want the m0n0wall box to pass
> the traffic through.
> 

Bah, sorry, I misunderstood the setup you were describing...

And no, I can't think of any reason why that setup wouldn't work, so
long as m0n0 is configured with the proper static routes and the
firewall has been configured to pass v6 traffic in both directions.

Stupid question, but I assume you've checked the firewall logs on m0n0
and confirmed that it isn't blocking traffic on the WAN side (which is
where the problem seems to lie)?

Brett.