FastNetMon Advanced has complete support for the IPv6 protocol.
Current IPv6 support limitations:
- IPv6 attack detection works only in "blackhole mode". In this mode, FastNetMon blocks the host completely. It does not support selective BGP Flow Spec-based filtering.
By default, all new installations of FastNetMon work with IPv6 traffic. For an old installation, you need to enable this feature explicitly:
sudo fcli set main process_ipv6_traffic enable sudo fcli commit
You also need to add all your IPv6 networks for monitoring:
sudo fcli set main networks_list 0000::1/128 sudo fcli commit
Please enable IPv6 traffic metrics on network equipment side. You can use the following commands to check the amount of IPv6 traffic captured by FastNetMon:
sudo fcli show total_traffic_counters_v6 sudo fcli show network_counters_v6 sudo fcli show host_counters_v6 sudo fcli show system_counters | grep total_ipv6_packets
Also, we added support for IPv6 in the fastnetmon_client tool:
sudo fastnetmon_client -ipv6
To enable ban actions for IPv6 traffic, please execute the following:
sudo fcli set main enable_ban_ipv6 enable sudo fcli commit
You can check blocked hosts using the same approach as for IPv4:
sudo fcli show blackhole
To read more about IPv6-specific options for BGP, please refer to this page.