Update README.md

telnetdoogie · web-flow · commit 6c30cec1af77 · 2023-05-13T05:36:19.000-05:00
Added Caveat Emptor for complex WAN situations and a warning to disabled IPv6 from your WAN interfaces
diff --git a/README.md b/README.md
@@ -10,6 +10,12 @@ This is my port forward rule for allowing HE to ping my UDMP from the internet (
  <img src="https://user-images.githubusercontent.com/17893990/162670587-27812c6c-3259-4eaf-a1a4-19284b65957b.png" width="50%">
 </p>
 
+# Caveat Emptor
+
+This script is not 'supported' in any way by Ubiquiti, and, based on the way the firewall rules are applied, you **MUST** disable ipv6 from your WAN interfaces before you set this up. In order to 'transpose' the Unifi Firewall rules over to the tunnel interface, the method I'm using here takes the ipv6 rules from your default WAN interface and removes them, applying them instead to your new tunnel interface. This is not a problem if you do not have ipv6 working from your ISP, but in the case where (without the tunnel) your WAN interface does have a valid ipv6 address already (perhaps you're just wanting to use a HE tunnel for a static ipv6 network), the firewall configuration script will leave your WAN exposed to ipv6 traffic. So, set your "IPv6 Connection" from your internet connection to `DISABLED` before your proceed. 
+
+This set of scripts is intended for the user that is using a HE tunnel in order to get IPv6 connectivity on a single interface. Currently, if you have multiple WANs in a load-balanced setup, OR if your WAN fails over to a secondary WAN, this set of scripts isn't yet robust enough to handle those situations. (See [Issue #1](https://github.com/telnetdoogie/UDMP-ipv6/issues/1))
+
 # Setting up the files
 
 * Add the two files [41-enable-he-ipv6.sh](data/on_boot.d/41-enable-he-ipv6.sh) and [99-add-cronjobs.sh](data/on_boot.d/99-add-cronjobs.sh) to `/data/on_boot.d/` 
