ip6tables and multiple possible source addresses
Mohacsi Janos
mohacsi at niif.hu
Thu Jan 19 09:48:54 CET 2012
On Thu, 19 Jan 2012, Brian E Carpenter wrote:
> On 2012-01-19 09:40, Cameron Byrne wrote:
>> I guess I missed why the simplest answer does not apply
>>
>> If you are already creating host specific iptables, why not just use a
>> static address that is permanent? This really works the same in ipv4 and
>> ipv6, right?
>
> Yes, but static addresses are an ivitation to trouble later on.
> http://tools.ietf.org/html/draft-carpenter-6renum-static-problem
Which is more frequent, renumbering or tweaking firewall rules? There is a
tradeoff - everybody should decide according their taste.
Best Regards,
Janos Mohacsi
More information about the ipv6-ops
mailing list