Windows Vista Forums

Vista Firewall and local IPV6 traffic dropped?
  1. 12 Dec 2007 #1


    Ernie Guest

    Vista Firewall and local IPV6 traffic dropped?


    I finally upgraded my XP Pro system to Vista Business and have now
    noticed a problem with Vista's firewall, or IPV6, maybe both.



    I have some client/server software which I have used in the past. I
    typically install the server component and the use client software to
    interact with the server. Two such packages include the Apache Tomcat
    server with your typical browsers, and also CVSNT (for source code
    revision control).

    I setup rules in the firewall to allow traffic to both services. But,
    when I use client software to connect to the server service, there is
    a lengthy delay before a connection is established. After some
    research, I enabled the firewall logging and actually see incoming
    IPV6 packets being dropped if I refer to the server component using
    the machine's network.

    For example, using my IE browser to connect to the Tomcat web server
    using "http://{machinename}:8080/appName" results in the following:

    2007-11-26 20:58:57 DROP TCP fe80::cab:790:3f57:fe99
    fe80::cab:790:3f57:fe99 50291 8080 72 S 161832912 0 8192 - - - RECEIVE

    2007-11-26 20:58:57 DROP TCP fe80::cab:790:3f57:fe99
    fe80::cab:790:3f57:fe99 50292 8080 72 S 60696163 0 8192 - - - RECEIVE

    2007-11-26 20:59:00 DROP TCP fe80::cab:790:3f57:fe99
    fe80::cab:790:3f57:fe99 50292 8080 72 S 60696163 0 8192 - - - RECEIVE

    2007-11-26 20:59:00 DROP TCP fe80::cab:790:3f57:fe99
    fe80::cab:790:3f57:fe99 50291 8080 72 S 161832912 0 8192 - - - RECEIVE

    2007-11-26 20:59:06 DROP TCP fe80::cab:790:3f57:fe99
    fe80::cab:790:3f57:fe99 50292 8080 68 S 60696163 0 8192 - - - RECEIVE

    2007-11-26 20:59:06 DROP TCP fe80::cab:790:3f57:fe99
    fe80::cab:790:3f57:fe99 50291 8080 68 S 161832912 0 8192 - - - RECEIVE

    The Apache Tomcat server listens on TCP port 8080 for incoming
    connections.

    Also, using the CVSNT client software to try to connect to the server
    using the machine name results in the following:

    2007-12-08 16:20:51 DROP TCP fe80::2c75:1433:3f57:fef5
    fe80::2c75:1433:3f57:fef5 54212 2401 72 S 47232140 0 8192 - - -
    RECEIVE
    2007-12-08 16:20:54 DROP TCP fe80::2c75:1433:3f57:fef5
    fe80::2c75:1433:3f57:fef5 54212 2401 72 S 47232140 0 8192 - - -
    RECEIVE
    2007-12-08 16:21:00 DROP TCP fe80::2c75:1433:3f57:fef5
    fe80::2c75:1433:3f57:fef5 54212 2401 68 S 47232140 0 8192 - - -
    RECEIVE
    2007-12-08 16:21:25 DROP TCP fe80::2c75:1433:3f57:fef5
    fe80::2c75:1433:3f57:fef5 54213 2401 72 S 351475315 0 8192 - - -
    RECEIVE
    2007-12-08 16:21:28 DROP TCP fe80::2c75:1433:3f57:fef5
    fe80::2c75:1433:3f57:fef5 54213 2401 72 S 351475315 0 8192 - - -
    RECEIVE
    2007-12-08 16:21:34 DROP TCP fe80::2c75:1433:3f57:fef5
    fe80::2c75:1433:3f57:fef5 54213 2401 68 S 351475315 0 8192 - - -
    RECEIVE

    The CVSNT server listens on port TCP port 2401 for incoming
    connections.

    If I refer to the host component using 'localhost' instead of the
    machine's network name, the connection is established almost
    immediately, with no delay. The delay only occurs when connecting to
    the sever component using the machine name.

    Also, "ping localhost" results in timely responses. If I try
    "ping {machinename}", there is no response. The log file shows:

    2007-12-08 19:06:50 DROP ICMP fe80::3416:f3:3f57:fef5
    fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
    2007-12-08 19:06:54 DROP ICMP fe80::3416:f3:3f57:fef5
    fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
    2007-12-08 19:06:59 DROP ICMP fe80::3416:f3:3f57:fef5
    fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
    2007-12-08 19:07:04 DROP ICMP fe80::3416:f3:3f57:fef5
    fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
    2007-12-08 19:11:08 DROP ICMP fe80::3416:f3:3f57:fef5
    fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE
    2007-12-08 19:11:19 DROP ICMP fe80::3416:f3:3f57:fef5
    fe80::3416:f3:3f57:fef5 - - 80 - - - - 128 0 - RECEIVE

    For testing/debugging, I have created rules for both services which
    are enabled, allow the connections, specify the exact path/filename of
    the service, any protocol, any port, for any local/remote ip address
    for all profiles.

    Can anyone provide some information why references to the machine name
    result in IPV6 packets being dropped by the Vista firewall?

    TIA.


      My System SpecsSystem Spec
  2. 18 Dec 2007 #2


    Ernie Guest

    Re: Vista Firewall and local IPV6 traffic dropped?

    On Wed, 12 Dec 2007 18:44:55 -0600, Ernie <user@xxxxxx> wrote:

    >
    >I finally upgraded my XP Pro system to Vista Business and have now
    >noticed a problem with Vista's firewall, or IPV6, maybe both.
    >
    Has no one noticed this type of problem? Or is my problem description
    too vague? Do I need provide additional information?



      My System SpecsSystem Spec
Vista Firewall and local IPV6 traffic dropped? problems?
« Networking Two Vista PCs | Network Discovery turns itself off... »

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ethernet to Local Traffic only BritishGent Network & Sharing 0 23 Apr 2008
Vista AD Member - Explorer non-responsive when 445 traffic dropped Jason R. Coombs Vista account administration 0 30 Oct 2007
Help, Vista's firewall started to work with outbound traffic, and I don't know how to stop it!!!!! Juan I. Cahis Vista General 10 15 Jul 2007
Firewall blocks network traffic Kelly Mayo Vista security 1 27 Jun 2007
Vista firewall not blocking outbound traffic despite explicit rules to do so Roof Fiddler Vista security 11 12 Feb 2007