Default security functions on an IPv6 CPE

Mikael Abrahamsson swmike at swm.pp.se
Fri May 6 21:00:04 CEST 2011


On Fri, 6 May 2011, Cameron Byrne wrote:

> This also keeps us locked into tcp/udp and breaks sctp and other forward 
> looking evolutions of ip transport ... also likely broken are multicast, 
> ipsec, mobile ip, ...

Nono, my suggestion is to statefully block incoming connections to low 
tcp/udp ports but allow everything else IPv6.

-- 
Mikael Abrahamsson    email: swmike at swm.pp.se


More information about the ipv6-ops mailing list