IPV6 renumbering painless?
Iljitsch van Beijnum
iljitsch at muada.com
Sat Nov 13 12:48:01 UTC 2004
On 13-nov-04, at 10:02, Henning Brauer wrote:
> * Owen DeLong <owen at delong.com> [2004-11-13 08:46]:
>> I suspect that eventually, we will discover that ADDRESS-based
>> ACLs simply do not scale to a V6 world
> which I see as an issue with v6 and not the ACLs.
Yes, because address based access restrictions never get in the way of
renumbering in IPv4.
Filtering based on IP addresses is a broken concept.
I'm not a huge fan of sprinkling crypto over everything, but if you
want certain people to have access to some stuff and not others,
IPsec/SSL are the way to go.
More information about the NANOG
mailing list