Re: IETF IPv6 platform configuration
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IETF IPv6 platform configuration
On Mon, 12 Jun 2006, Kevin Loch wrote:
Sam Hartman wrote:
"secIETF" == IETF Secretariat <ietf-secretariat at ietf.org> writes:
secIETF> * Only HTTP, SMTP, FTP, and DNS traffic are permitted
through an IPv6 secIETF> Native firewall (pings, traceroutes
etc. are dropped)
Please make sure that ICMP messages needed for path MTU discovery are
not filtered.
Is there a compelling reason to filter ICMP at all?
IMHO, this is a valid question.
There also happens to be a document,
draft-ietf-v6ops-icmpv6-filtering-recs-00.txt that discusses this very
issue. It might be interesting to have folks read that and provide
feedback to v6ops list (v6ops at ops.ietf.org) if they think there's
something amiss with it.
The document just passed WG LC.
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www1.ietf.org/mailman/listinfo/ietf
Note Well: Messages sent to this mailing list are the opinions
of the senders and do not imply endorsement by the IETF.
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
