/27 the new /24

• Previous message (by thread): /27 the new /24
• Next message (by thread): /27 the new /24
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Stefann,

You're right. I remember hearing rumblings of vendors requesting this change, mostly because embedded processors of the time had difficulty performing well with IPv6. I see that in 2011 rfc6434 lowered IPSec from "must" to "should". Nevertheless, plenty of products produced before 2011 included IPSec and the vast majority of IPv6-capable nodes on the Internet have it today. Performance is no longer an issue. 

 -mel beckman

> On Oct 4, 2015, at 8:58 AM, Sander Steffann <sander at steffann.nl> wrote:
> 
> Hi,
> 
>> Op 4 okt. 2015, om 16:52 heeft Mel Beckman <mel at beckman.org> het volgende geschreven:
>> 
>> If it doesn't support IPSec, it's not really IPv6. Just as if it failed to support any other mandatory IPv6 specification, such as RA.
> 
> I think you're still looking at an old version of the IPv6 Node Requirements. Check https://tools.ietf.org/html/rfc6434#section-11, specifically this bit:
> 
> """
> Previously, IPv6 mandated implementation of IPsec and recommended the key management approach of IKE.  This document updates that recommendation by making support of the IPsec Architecture a SHOULD for all IPv6 nodes.
> """
> 
> This was published in December 2011.
> 
> Cheers,
> Sander
> 

• Previous message (by thread): /27 the new /24
• Next message (by thread): /27 the new /24
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]