E
Ernie
I finally upgraded my XP Pro system to Vista Business and have now
noticed a problem with Vista's firewall, or IPV6, maybe both.
I have some client/server software which I have used in the past. I
typically install the server component and the use client software to
interact with the server. Two such packages include the Apache Tomcat
server with your typical browsers, and also CVSNT (for source code
revision control).
I setup rules in the firewall to allow traffic to both services. But,
when I use client software to connect to the server service, there is
a lengthy delay before a connection is established. After some
research, I enabled the firewall logging and actually see incoming
IPV6 packets being dropped if I refer to the server component using
the machine's network.
For example, using my IE browser to connect to the Tomcat web server
using "http://{machinename}:8080/appName" results in the following:
2007-11-26 20:58:57 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50291 8080 72 S 161832912 0 8192 - - - RECEIVE
2007-11-26 20:58:57 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50292 8080 72 S 60696163 0 8192 - - - RECEIVE
2007-11-26 20:59:00 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50292 8080 72 S 60696163 0 8192 - - - RECEIVE
2007-11-26 20:59:00 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50291 8080 72 S 161832912 0 8192 - - - RECEIVE
2007-11-26 20:59:06 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50292 8080 68 S 60696163 0 8192 - - - RECEIVE
2007-11-26 20:59:06 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50291 8080 68 S 161832912 0 8192 - - - RECEIVE
The Apache Tomcat server listens on TCP port 8080 for incoming
connections.
Also, using the CVSNT client software to try to connect to the server
using the machine name results in the following:
2007-12-08 16:20:51 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54212 2401 72 S 47232140 0 8192 - - -
RECEIVE
2007-12-08 16:20:54 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54212 2401 72 S 47232140 0 8192 - - -
RECEIVE
2007-12-08 16:21:00 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54212 2401 68 S 47232140 0 8192 - - -
RECEIVE
2007-12-08 16:21:25 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54213 2401 72 S 351475315 0 8192 - - -
RECEIVE
2007-12-08 16:21:28 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54213 2401 72 S 351475315 0 8192 - - -
RECEIVE
2007-12-08 16:21:34 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54213 2401 68 S 351475315 0 8192 - - -
RECEIVE
The CVSNT server listens on port TCP port 2401 for incoming
connections.
If I refer to the host component using 'localhost' instead of the
machine's network name, the connection is established almost
immediately, with no delay. The delay only occurs when connecting to
the sever component using the machine name.
Also, "ping localhost" results in timely responses. If I try
"ping {machinename}", there is no response. The log file shows:
2007-12-08 19:06:50 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:06:54 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:06:59 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:07:04 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:11:08 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:11:19 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
For testing/debugging, I have created rules for both services which
are enabled, allow the connections, specify the exact path/filename of
the service, any protocol, any port, for any local/remote ip address
for all profiles.
Can anyone provide some information why references to the machine name
result in IPV6 packets being dropped by the Vista firewall?
TIA.
noticed a problem with Vista's firewall, or IPV6, maybe both.
I have some client/server software which I have used in the past. I
typically install the server component and the use client software to
interact with the server. Two such packages include the Apache Tomcat
server with your typical browsers, and also CVSNT (for source code
revision control).
I setup rules in the firewall to allow traffic to both services. But,
when I use client software to connect to the server service, there is
a lengthy delay before a connection is established. After some
research, I enabled the firewall logging and actually see incoming
IPV6 packets being dropped if I refer to the server component using
the machine's network.
For example, using my IE browser to connect to the Tomcat web server
using "http://{machinename}:8080/appName" results in the following:
2007-11-26 20:58:57 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50291 8080 72 S 161832912 0 8192 - - - RECEIVE
2007-11-26 20:58:57 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50292 8080 72 S 60696163 0 8192 - - - RECEIVE
2007-11-26 20:59:00 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50292 8080 72 S 60696163 0 8192 - - - RECEIVE
2007-11-26 20:59:00 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50291 8080 72 S 161832912 0 8192 - - - RECEIVE
2007-11-26 20:59:06 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50292 8080 68 S 60696163 0 8192 - - - RECEIVE
2007-11-26 20:59:06 DROP TCP fe80::cab:790:3f57:fe99
fe80::cab:790:3f57:fe99 50291 8080 68 S 161832912 0 8192 - - - RECEIVE
The Apache Tomcat server listens on TCP port 8080 for incoming
connections.
Also, using the CVSNT client software to try to connect to the server
using the machine name results in the following:
2007-12-08 16:20:51 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54212 2401 72 S 47232140 0 8192 - - -
RECEIVE
2007-12-08 16:20:54 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54212 2401 72 S 47232140 0 8192 - - -
RECEIVE
2007-12-08 16:21:00 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54212 2401 68 S 47232140 0 8192 - - -
RECEIVE
2007-12-08 16:21:25 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54213 2401 72 S 351475315 0 8192 - - -
RECEIVE
2007-12-08 16:21:28 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54213 2401 72 S 351475315 0 8192 - - -
RECEIVE
2007-12-08 16:21:34 DROP TCP fe80::2c75:1433:3f57:fef5
fe80::2c75:1433:3f57:fef5 54213 2401 68 S 351475315 0 8192 - - -
RECEIVE
The CVSNT server listens on port TCP port 2401 for incoming
connections.
If I refer to the host component using 'localhost' instead of the
machine's network name, the connection is established almost
immediately, with no delay. The delay only occurs when connecting to
the sever component using the machine name.
Also, "ping localhost" results in timely responses. If I try
"ping {machinename}", there is no response. The log file shows:
2007-12-08 19:06:50 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:06:54 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:06:59 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:07:04 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:11:08 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
2007-12-08 19:11:19 DROP ICMP fe80::3416:f3:3f57:fef5
fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
For testing/debugging, I have created rules for both services which
are enabled, allow the connections, specify the exact path/filename of
the service, any protocol, any port, for any local/remote ip address
for all profiles.
Can anyone provide some information why references to the machine name
result in IPV6 packets being dropped by the Vista firewall?
TIA.