[133200] in North American Network Operators' Group
Re: Pointer for documentation on actually delivering IPv6
daemon@ATHENA.MIT.EDU (Jared Mauch)
Mon Dec 6 09:55:29 2010
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <AANLkTim6cxhe=WGaYXmZ-uDZ5WXXVjW5UTAr_0tVE3_R@mail.gmail.com>
Date: Mon, 6 Dec 2010 09:55:07 -0500
To: Jeff Johnstone <jjohnstone@diamondtech.ca>
Cc: North American Network Operators Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Dec 6, 2010, at 8:35 AM, Jeff Johnstone wrote:
> Speaking of IPV6 security, is there any movement towards any open =
source
> IPV6 firewall solutions for the consumer / small business?
>=20
> Almost all the info I've managed to find to date indicates no support, =
nor
> any planned support in upcoming releases.
>=20
> Any info would be helpful.
Honestly (and I'm sure some IPv6 folks will want me injured as a result) =
there should be some '1918-like' space allocated for the corporate guys =
who "don't get it", so they can nat everyone through a single /128. It =
would make life easier for them and quite possibly be a large item in =
pushing ipv6 deployment in the enterprise.
I don't see our corporate IT guys that number stuff in 1918 space =
wanting to put hosts on 'real' ips. The chances for unintended routing =
are enough to make them say that v6 is actually a security risk vs =
security enabler is my suspicion.
- Jared=
