About RIPE | Contact  | Search | Sitemap    
Homepage RIPE  
RIPE Community Mail Archives
search  
     
Next Sectionyou are here: RIPE -> RIPE Maillists > Archives
RIPE Navigation Ends
About RIPE Maillists
Maillists Archive
Global Lists
Non Active Lists
RIPE NCC Navigation Ends
Next Section
<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [ipv6-wg] Commercial IPv6 firewall support

  • To: Patrik Wallstrom pawal@localhost
  • From: Dennis Lundstrom dennislun@localhost
  • Date: Thu, 8 Nov 2007 18:22:42 +0100
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:cc:message-id:from:to:in-reply-to:content-type:content-transfer-encoding:mime-version:subject:date:references:x-mailer; bh=IovZQrlmhe/Gc+DrSuwnC/jZjBpvtYen4lKx/EseTdg=; b=STyjN4RS+I5Roahs+HIPpjIaElBljAU3wkbbXnIUpJy6pwE91+KxWdIcQ4w4dLmaHc4eaaVpTuSd8VjEFd4a/HaRdyTswnJ5B3hVHMFGmtDrMN9PrlB2mfBO2ZVZYFOiJm0cXRStPrrtdgTuxDUaEKUXQV9P75sl4+Ld8P42Ubo=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:cc:message-id:from:to:in-reply-to:content-type:content-transfer-encoding:mime-version:subject:date:references:x-mailer; b=DENe9xuLAE40Eyt18I2Nxh34yurNdpD9vhzRQcaizsPV6UysmaBWLXeZIgbtg5GN2fo+zejVm53wnloiF3AB+JPIGFOeO6F76eTehLQ3BHY9YrdZP8pHk9ADVTDYxiVC3//I9N1HRsUEhA5TyKo7OAlR4uJwTzlBDAKXbNg5ANM=
I believe that the biggest obstacle here, is education, and scheduling.
This issue have to get more time in the board-rooms, and be discussed at a higher level. If management does not understand the severity, and the application. They will most likely never apply funds for research and training needed. Much of our economy is based on resources, that we will eventually one day run out on. Looking at the sky-rocketing oil-prices. I doubt that we want the same thing happening to IPv4. though we can set up policy against third party trade of address-space. This will most likely happen on an organized level anyway. The thing is, If we draw parallels to the oil industry. Let's face it,we got the technology today to quit our dependency of IPv4.
Another big issue is IPv6 support in SOHO market. More home-use IP- enabled equipment need to support IPv6 out of the box. 

Best regards.

--Dennis Lundström
  Adamo Europe S.L (AS35699)




On 7 nov 2007, at 10.34, Patrik Wallstrom wrote:


On Fri, 26 Oct 2007, michael.dillon@localhost wrote:


Some people have claimed that they cannot yet sell
IPv6 Internet access because there is no IPv6 firewall
support. According to this ICANN study:
http://www.icann.org/committees/security/sac021.pdf
this is not quite true. At least 30% of the 42 vendors
surveyed, had IPv6 support.

According to this talk
<http://www.guug.de/veranstaltungen/ecai6-2007/slides/2007-ECA-I6-Status
-IPv6-Firewalling-PeterBieringer-Talk.pdf>
many open-source and commercial firewalls supporting IPv6 are available. 

IPCop is based on Linux
<http://www.ipcop.org/index.php?module=pnWikka&tag=IPCopScreenshots>

m0n0wall is based on FreeBSD
<http://m0n0.ch/wall/screenshots.php>

pfSense is also based on FreeBSD
<http://pfsense.com/index.php?id=26>

FWBuilder is a management tool that builds filter setups for
several different firewalls.
<http://www.fwbuilder.org/archives/cat_screenshots.html>


[...]

I am not really sure this list contains routers that really really
supports tested IPv6 routing, or just of those that say they do. For
example FWBuilder here does not support IPv6 other than (from the
changelog in the latest version) "... option to the firewall settings
dialog for iptables that controls whether compiler should skip
generation of the code to set default policy of all ipv6 chains to
DROP", and that is all v6 support there I can find.

--
patrik_wallstrom->foodfight->pawal@localhost+46-733173956
Post To The List:

Replies

Message References

<<< Chronological >>> Author    Subject <<< Threads >>>
 

Next Section
     About RIPE | Site Map | LIR Portal | About the RIPE NCC | Contact | © RIPE Community. All rights reserved.
RIPE.NET Homepage LIR Portal RIPE Community