IPV6 in enterprise best practices/white papaers
Justin M. Streiner
streiner at cluebyfour.org
Wed Jan 30 18:02:48 UTC 2013
On Mon, 28 Jan 2013, Doug Barton wrote:
> On 1/28/2013 7:27 AM, Eugeniu Patrascu wrote:
>> - configure IPv6 firewall rules (mostly a mirror of the IPv4 rulesets)
>
> Hopefully that did not included filtering ICMPv6? :)
The level of IPv6 support in firewalls has been all over the place, even
from vendors who have known IPv6 was coming for a long time ;)
I published a minimum IPv6 firewall ruleset for Cisco ASAs a while back on
some other lists and got only a little feedback, so for the benefit of the
NANOG community, I offer up:
http://www.cluebyfour.org/ipv6/
I will be testing the transition from 8.x to 9.x code in my lab as soon as
this week, so I should have some updated to publish very soon.
Likewise, I'm in the process of getting a DHCPv6 server spun up as well,
so I'll have some updates to publish there as well.
As always, suggestions and constructive feedback are always welcome.
jms
More information about the NANOG
mailing list