FastNetMon Advanced has complete support for IPv6 protocol.
Current IPv6 support limitations:
- IPv6 attack detection works only in “blackhole mode”. When FastNetMon blocks host completely. It does not support selective BGP Flow Spec based filtering.
By default, all new installation of FastNetMon work with IPv6 traffic. For old installation you need to enable this feature explicitly:
sudo fcli set main process_ipv6_traffic enable sudo fcli commit
You also need to add all your IPv6 network for monitoring:
sudo fcli set main networks_list 0000::1/128 sudo fcli commit
Please enable IPv6 traffic metrics on network equipment side. You can use following commands to check amount of IPv6 traffic captured by FastNetMon:
sudo fcli show total_traffic_counters_v6 sudo fcli show network_counters_v6 sudo fcli show host_counters_v6 sudo fcli show system_counters | grep total_ipv6_packets
Also, we added support for IPv6 in fastnetmon_client tool:
sudo fastnetmon_client -ipv6
To enable ban actions for IPv6 traffic, please execute following:
sudo fcli set main enable_ban_ipv6 enable sudo fcli commit
You can check blocked hosts using same approach as for IPv4:
sudo fcli show blackhole
To read more about IPv6 specific options for BGP, please check this page.