[blog] 2 new drafts + openwrt svg
This commit is contained in:
Nico Schottelius
parent
1cffac34c4
commit
adefb09190
File diff suppressed because one or more lines are too long
|
After Width: | Height: | Size: 15 KiB |
|
|
@ -0,0 +1,49 @@
|
|||
title: 2020 incompatible: without IPv6
|
||||
---
|
||||
pub_date: 2020-10-16
|
||||
---
|
||||
author: ungleich
|
||||
---
|
||||
twitter_handle: ungleich
|
||||
---
|
||||
_hidden: no
|
||||
---
|
||||
_discoverable: no
|
||||
---
|
||||
abstract:
|
||||
2020 is the year of IPv6 - are you ready for it?
|
||||
---
|
||||
body:
|
||||
|
||||
## TL;DR
|
||||
|
||||
As of 2020-10-16 we will start to label software and hardware that is not fully IPv6 compatible
|
||||
as "2020 incompatible". And we encourage everyone to join.
|
||||
|
||||
## Background
|
||||
|
||||
Latest with the [exhaustion of IPv4 space at
|
||||
RIPE](https://www.ripe.net/publications/news/about-ripe-ncc-and-ripe/the-ripe-ncc-has-run-out-of-ipv4-addresses),
|
||||
it has become a necessity to switch to IPv6 in 2020.
|
||||
|
||||
Additionally IPv4 address have become a very scarce and expensive
|
||||
resource. Not only in buying the actual addresses, but also to keep
|
||||
the legacy IP stack active and maintained.
|
||||
|
||||
## 2020: Switching to IPv6 only networks
|
||||
|
||||
Running dual stack networks is not feasible, because you do not profit
|
||||
from the advantages of IPv6, but suffer from complexity in your
|
||||
network.
|
||||
|
||||
Dual stack networks also limit the scope of IPv6 implementation, as
|
||||
layouts are orientated on legacy network designs. So in a nutshell: If
|
||||
you want to make your life easier and your operations less cost
|
||||
intensive, you switch to IPv6 only networks.
|
||||
|
||||
## Blocker for the IPv6 only migration
|
||||
|
||||
We argue that there is no practical blocker anymore for moving to IPv6
|
||||
only networks, because even reachability from the IPv4 Internet can
|
||||
easily be achieved using [IPv4-to-IPv6
|
||||
proxies](/u/products/ipv4-to-ipv6-proxy/) or
|
||||
|
|
@ -0,0 +1,26 @@
|
|||
title: Blocking Source Address Spoofing
|
||||
---
|
||||
pub_date: 2020-10-23
|
||||
---
|
||||
author: ungleich
|
||||
---
|
||||
twitter_handle: ungleich
|
||||
---
|
||||
_hidden: yes
|
||||
---
|
||||
_discoverable: no
|
||||
---
|
||||
abstract:
|
||||
Let's not let the wrong packets in.
|
||||
---
|
||||
body:
|
||||
|
||||
## TL;DR
|
||||
|
||||
Effective 2020-10-23 we drop source address spoofed packets in Data
|
||||
Center Light.
|
||||
|
||||
## Introduction
|
||||
|
||||
We have received a very helpful hint from a group of researchers that
|
||||
spoofed packets from our own
|
||||
Loading…
Reference in New Issue