IPv6, firewall issues and numbering schemes

Francis Dupont Francis.Dupont@enst-bretagne.fr
Wed, 05 Dec 2001 09:52:36 +0100


 In your previous mail you wrote:

   Is it possible to set up at least an IPv4 tunnel so that I can gain
   external IPv6 connectivity, with this firewall still in place? Or will
   I have to bitch at the manufacturer, or even ditch that box for
   something more flexible?
   
=> I believe the best solution is to run PPP over UDP. I asked some
months ago if this has to be standardized (for the port number or
access control for instance)... PPP over UDP is very common on
Unixes (this is a standard feature of user mode PPP on FreeBSDs)
and/or is very easy to implement with a tunnel interface/device.

   Also if someone would care to point me to some documents specifying a
   common or recommended IPv6 numbering scheme, that would be great.

=> just use the standard MAC to interface ID stuff or (if you don't
use names which always are a better way) a small counter.

   I have been thinking about using the 64-bit local part as 48 bit MAC
   address + 16 bit counter,

=> I don't understand why you need something so complex...

   but this would mean addresses that are even
   harder to remember than usual, and may have security implications as
   well (publishing local addresses in global DNS).

=> ???

   Suggestions or pointers on this topic are also greatly appreciated!
   
=> read a good book about DNS?

Regards

Francis.Dupont@enst-bretagne.fr