[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BCP for securing IPv6 Linux end node in AWS

Subject: BCP for securing IPv6 Linux end node in AWS
From: rsk at gsp.org (Rich Kulawiec)
Date: Mon, 15 May 2017 06:57:09 -0400
In-reply-to: <[email protected]>
References: <[email protected]>

On Sun, May 14, 2017 at 09:29:45AM -0400, Eric Germann wrote:
> I???ve reviewed some of the stuff out there, but apparently I???m
> catching too many of the ICMP types in the rejection as routing eventually
> breaks.  My guess is router discovery gets broken by too tight of filters.

That's a good guess, but I would also guess that path MTU discovery
may be breaking.  (Or not.)  I think you may want to implement RFC 4890,
with a look at RFC 4443.

---rsk

Follow-Ups:
- BCP for securing IPv6 Linux end node in AWS
  - From: jordi.palet at consulintel.es (JORDI PALET MARTINEZ)

References:
- BCP for securing IPv6 Linux end node in AWS
  - From: ekgermann at semperen.com (Eric Germann)

Prev by Date: Please run windows update now
Next by Date: BCP for securing IPv6 Linux end node in AWS
Previous by thread: BCP for securing IPv6 Linux end node in AWS
Next by thread: BCP for securing IPv6 Linux end node in AWS
Index(es):
- Date
- Thread