tedm at ipinc.net
Fri Oct 26 16:24:31 EDT 2007
>From: ppml-bounces at arin.net [mailto:ppml-bounces at arin.net]On Behalf Of
>michael.dillon at bt.com
>Sent: Friday, October 26, 2007 1:03 PM
>To: ppml at arin.net
>Subject: Re: [ppml] ripe-55/presentations/bush-ipv6-transition.pdf
>Cisco ASA (formerly PIX) supports IPv6 in version 7.0 and up.
Don't forget Cisco IOS - IPv6 support in mainline since 12.4 and in
earlier versions in feature sets. Current Cisco small router series -
the 1800/2800/3800 comes with a Firewall Feature Set as it's included
IOS load and has IPv6 support.
And also don't forget the open source routing daemon Quagga:
BGP4+ including support for IPv6. Note strictly a firewall but
you can run it on a system that has an IPv6 firewall.
>I suspect that the people complaining about IPv6 support are partially
>complaining because they have older hardware that the vendor does not
>plan to upgrade to IPv6 support until they have all features implemented
>in their newer products, and partially complaining because their vendor
>has not implemented some feature which they happen to use.
I agree but I think it's unlikely the vendors will ever update many
of these older products - not unless the vendor maintains service
contracts. And some may have firmware updates but will require purchase
of more ram or flash or both.
Note that BOTH Microsoft and Cisco publish very detailed product lifecycles
so you know the day you purchase the product how long the vendor will
support it - you have NO right to go complaining if one of your devices
from one of these vendors is older than the support end date.
One BIG problem is that a large number of smaller businesses are
using DSL or Cable, where the DSL modem is also a router, or the cable
modem is also a router.
Aside from the DSL provider support of IPv6 most likely being nonexistent,
none of these modem/router products I'm aware of contain IPv6, at least
not English localized in the US products.
These companies are going to have to get used to the idea that to run
IPv6 when their provider gets around to offering it, that they will need
to put these devices into bridged mode and go BUY firewalls that can
speak PPPoEese or whatever their provider runs.
>Commercial firewall support may be lagging behind OS and router support,
>but not by much. And if commercial vendors are not responsive, maybe you
>should try pricing out an open source solution with a consultant. I
>believe there is a gap here that startup firewall companies could fill
>if they understand the enterprise market.
I think that there will be a gap in the DSL and Cable provider market a lot
More information about the ARIN-PPML