1 / 6

Operational Security Considerations for IPv6 Networks

Operational Security Considerations for IPv6 Networks. K. Chittimaneni, E. Vyncke , M. Kaeo. Interim opsec wg Meeting September 29 , 2012 Amsterdam , Netherlands. Updates. Document accepted as working group item http://tools.ietf.org/html/draft-ietf-opsec-v6- 00

nomlanga-kirby
Download Presentation

Operational Security Considerations for IPv6 Networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Operational Security Considerations for IPv6 Networks K. Chittimaneni, E. Vyncke, M. Kaeo Interim opsecwg Meeting September 29, 2012 Amsterdam, Netherlands

  2. Updates • Document accepted as working group item • http://tools.ietf.org/html/draft-ietf-opsec-v6-00 • Filled in missing text • Addressed latest comments on mailing list • Update references

  3. Identified Areas Requiring Current Operational Input • Utilization of RTBH and uRFP for IPv6 • Most effective logging mechanisms and possible issues that need to be resolved • Deployed ND/RA rate limiting parameters • Utilization of SeND / CGA • Extension of Layer 2 – How many IPv6 addresses per MAC and how many IP addresses per interface (for ETTH)

  4. Feedback from RIPE • No deployment of SeND • Folks using RTBH / uRPF in IP v4 environments seem to also deploy it for IPv6 • Qualify statements such as “DNS64 may interfere with operations of DNSSEC” • A few operators promised to read I-D and give input on opsec mailing list

  5. Next Steps • Solicit more input from global operational folks • Provide cohesive advice in all sections • Continue to work with v6ops and homenetWGs to avoid overlaps or conflicts • Contact us at opsec@ietf.org

  6. Q&A THANK YOU!

More Related