[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPV6 in enterprise best practices/white papaers

Subject: IPV6 in enterprise best practices/white papaers
From: streiner at cluebyfour.org (Justin M. Streiner)
Date: Wed, 30 Jan 2013 13:02:48 -0500 (EST)
In-reply-to: <[email protected]>
References: <CAKb_Nupf4GAY4cFnyyb3hewFCWk6Vp4zLyyKnc4ct-0T4K356A@mail.gmail.com> <CALgc3C4bZOM2nxVEgh0aFF4jHGpEUyMRvVOeCHx0bBUbfV5N_w@mail.gmail.com> <[email protected]>

On Mon, 28 Jan 2013, Doug Barton wrote:

> On 1/28/2013 7:27 AM, Eugeniu Patrascu wrote:
>>  - configure IPv6 firewall rules (mostly a mirror of the IPv4 rulesets)
>
> Hopefully that did not included filtering ICMPv6? :)

The level of IPv6 support in firewalls has been all over the place, even 
from vendors who have known IPv6 was coming for a long time ;)

I published a minimum IPv6 firewall ruleset for Cisco ASAs a while back on 
some other lists and got only a little feedback, so for the benefit of the 
NANOG community, I offer up:

http://www.cluebyfour.org/ipv6/

I will be testing the transition from 8.x to 9.x code in my lab as soon as 
this week, so I should have some updated to publish very soon.

Likewise, I'm in the process of getting a DHCPv6 server spun up as well, 
so I'll have some updates to publish there as well.

As always, suggestions and constructive feedback are always welcome.

jms

References:
- IPV6 in enterprise best practices/white papaers
  - From: paveldimow at gmail.com (Pavel Dimow)
- IPV6 in enterprise best practices/white papaers
  - From: eugen at imacandi.net (Eugeniu Patrascu)
- IPV6 in enterprise best practices/white papaers
  - From: dougb at dougbarton.us (Doug Barton)

Prev by Date: Will wholesale-only muni actually bring the boys to your yard?
Next by Date: Will wholesale-only muni actually bring the boys to your yard?
Previous by thread: IPV6 in enterprise best practices/white papaers
Next by thread: IPV6 in enterprise best practices/white papaers
Index(es):
- Date
- Thread