[184528] in North American Network Operators' Group
Re: /27 the new /24
daemon@ATHENA.MIT.EDU (Owen DeLong)
Wed Oct 7 08:00:01 2015
X-Original-To: nanog@nanog.org
From: Owen DeLong <owen@delong.com>
In-Reply-To: <18661688-294A-4662-8380-DF6C2C490E6F@beckman.org>
Date: Wed, 7 Oct 2015 04:56:45 -0700
To: Mel Beckman <mel@beckman.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
> On Oct 4, 2015, at 7:52 AM, Mel Beckman <mel@beckman.org> wrote:
>=20
> If it doesn't support IPSec, it's not really IPv6. Just as if it =
failed to support any other mandatory IPv6 specification, such as RA.=20
Not true. IPSec is recommended, not mandatory.
This change was made in favor of resource constrained nodes (think micro =
controllers with very small memories).
> There's really no excuse for not supporting IPSec, as it's a widely =
available open source component that costs nothing to incorporate into =
an IPv6 stack.=20
Simply not true. There are nodes which have no need for it and are =
resource constrained.
> Your observation simply means that users must be informed when buying =
IPv6 devices, just as they must with any product. You can buy either =
genuine IPv6 or half-baked IPv6 products. When I speak of IPv6, I speak =
only of the genuine article.=20
This is true. If you need the device to support IPv6, you should =
definitely make sure that it does, but that is ordinary reality with any =
feature of any product rather than anything specific to IPv6.
Owen
