Just for the record, so other people will take a little less time finding this out. I have been using ufw, a simple firewall management application for iptables and ip6tables under ubuntu. It generates fairly reasonable configurations both for v4 and ipv6. These configurations are dependent on the kernel being able to do connection tracking. Older linux kernels lack this capability for ipv6. Unfortunately, my VPS provider uses XEN and they push this old kernel for me. The kernel i think i am using is newer. Apparently there are no newer kernels under XEN. Anyway, the symptoms are that the firewall effectively blocks all IPv6 connections. I have now resorted to set up ipv6 rules manually, following suggestions elsewhere on the forum. Some datapoints. root@vps:/# uname -r 2.6.18-prep root@vps:/# ls /lib/modules/ 2.6.28-11-server 2.6.28-15-server