[blog] 2 new drafts + openwrt svg

This commit is contained in:
Nico Schottelius 2020-10-23 14:50:54 +02:00
parent 1cffac34c4
commit adefb09190
3 changed files with 83 additions and 0 deletions

File diff suppressed because one or more lines are too long

After

Width:  |  Height:  |  Size: 15 KiB

View file

@ -0,0 +1,49 @@
title: 2020 incompatible: without IPv6
---
pub_date: 2020-10-16
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: no
---
_discoverable: no
---
abstract:
2020 is the year of IPv6 - are you ready for it?
---
body:
## TL;DR
As of 2020-10-16 we will start to label software and hardware that is not fully IPv6 compatible
as "2020 incompatible". And we encourage everyone to join.
## Background
Latest with the [exhaustion of IPv4 space at
RIPE](https://www.ripe.net/publications/news/about-ripe-ncc-and-ripe/the-ripe-ncc-has-run-out-of-ipv4-addresses),
it has become a necessity to switch to IPv6 in 2020.
Additionally IPv4 address have become a very scarce and expensive
resource. Not only in buying the actual addresses, but also to keep
the legacy IP stack active and maintained.
## 2020: Switching to IPv6 only networks
Running dual stack networks is not feasible, because you do not profit
from the advantages of IPv6, but suffer from complexity in your
network.
Dual stack networks also limit the scope of IPv6 implementation, as
layouts are orientated on legacy network designs. So in a nutshell: If
you want to make your life easier and your operations less cost
intensive, you switch to IPv6 only networks.
## Blocker for the IPv6 only migration
We argue that there is no practical blocker anymore for moving to IPv6
only networks, because even reachability from the IPv4 Internet can
easily be achieved using [IPv4-to-IPv6
proxies](/u/products/ipv4-to-ipv6-proxy/) or

View file

@ -0,0 +1,26 @@
title: Blocking Source Address Spoofing
---
pub_date: 2020-10-23
---
author: ungleich
---
twitter_handle: ungleich
---
_hidden: yes
---
_discoverable: no
---
abstract:
Let's not let the wrong packets in.
---
body:
## TL;DR
Effective 2020-10-23 we drop source address spoofed packets in Data
Center Light.
## Introduction
We have received a very helpful hint from a group of researchers that
spoofed packets from our own