[ipv6hackers] Implications of IPv6 on network firewalls

Fernando Gont fgont at si6networks.com
Fri Dec 16 23:43:18 CET 2011


Marco,

On 12/16/2011 08:24 AM, Marco Ermini wrote:
> On 24 November 2011 23:38, Fernando Gont wrote:
> [...]
>> I consider "basic functionality" that which parallels what we currently
>> do with IPv4.
> [...]
> 
> Maybe the problem lies in what we consider "basic functionality".
> 
> Personally I believe that IPv4 and IPv6 have simply different scopes
> of usage. It is incorrect to simply match 1:1 their functionality.
> 
> IPSec support is (or at least, was until some time ago...) a MANDATORY
> functionality in IPv6, therefore I would consider this "basic",
> although we may argue about what do we mean with "basic".

This is the last time I'm going to note this: what the specs say in this
respect is just words on paper.

At some point you need to make a choice: what the std says vs. reality.

Thanks,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont at si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492






More information about the Ipv6hackers mailing list