[153275] in North American Network Operators' Group
Re: IPv6 day and tunnels
daemon@ATHENA.MIT.EDU (Cameron Byrne)
Mon Jun 4 13:27:15 2012
In-Reply-To: <CAAAwwbWqM0PZXVg+wTsuCJgoZjXU444_JZuHfPaMWNRHdJvCNw@mail.gmail.com>
Date: Mon, 4 Jun 2012 10:26:15 -0700
From: Cameron Byrne <cb.list6@gmail.com>
To: Jimmy Hess <mysidia@gmail.com>
Cc: North American Networking and Offtopic Gripes List <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Sun, Jun 3, 2012 at 11:20 PM, Jimmy Hess <mysidia@gmail.com> wrote:
> On 6/3/12, Jeroen Massar <jeroen@unfix.org> wrote:
>> If one is so stupid to just block ICMP then one should also accept that =
one
>> loses functionality.
> ICMP tends to get blocked by firewalls by default; There are
> legitimate reasons to block ICMP, esp w V6. =A0 Security device
> manufacturers tend to indicate all the =A0"lost functionality" =A0is
> optional functionality =A0not required for a working device.
>
In case security policy folks need a reference on what ICMPv6
functionality is required for IPv6 to work correctly, please reference
http://www.ietf.org/rfc/rfc4890.txt
CB
