[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft on v6 firewalling



Hello,

I've submitted an I-D on IPv6 firewalling issues, and it should be 
available in the repository shortly.

In the meantime, it's available at:

http://www.netcore.fi/pekkas/ietf/draft-savola-v6ops-firewalling-00.txt

Below is the abstract:

   There are quite a few potential problems regarding firewalling or
   packet filtering in IPv6 environment.  These include slight ambiguity
   in the IPv6 specification, problems parsing packets beyond unknown
   Extension Headers and Destination Options, and introduction of end-
   to-end encrypted traffic and peer-to-peer applications.  There may
   also be need to extend packet matching to include some Extension
   Header or Destination Option fields.  This draft discusses these
   issues to raise awareness and proposes some tentative solutions or
   workarounds.

It's 8 pages.

Thanks.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords