A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Mobile IPv6 and Firewalls
Author(s) : F. Le, et al.
Filename : draft-le-mip6-firewalls-01.txt
Pages : 13
Date : 2004-7-20
Firewalls are an integral aspect of a majority of IP networks today
given the state of security issues, threats and vulnerabilities to
data networks. IP networks today are predominantly based on IPv4
technology and hence firewalls have been designed for these
networks. IPv6 networks are growing at a slow rate. Firewalls for
IPv6 networks are still maturing and in development.
The IETF has recently standardized Mobile IPv6 which adds mobility
support to IPv6. Given the fact that Mobile IPv6 is a recent
standard, most firewalls available for IPv6 networks today do not
support Mobile IPv6.
Unless firewalls are aware of Mobile IPv6 protocol details, these
security devices will hamper large-scale deployment of the
protocol. This document presents in detail some of the issues that
people deploying IPv6 networks which include firewalls should
consider when expanding the scope to support Mobile IPv6 as well.
The issues are not only applicable to firewalls protecting
corporate networks, but are also applicable in 3G mobile networks
such as GPRS/UMTS and cdma2000 networks where packet filters are
implemented in the GGSN in GPRS/UMTS networks and the PDSN in
cdma2000 networks.
The goal of this Internet draft is to highlight the issues with
firewalls and Mobile IPv6 and act as an enabler for further
discussion. Issues identified here can be solved by developing
appropriate solutions in the MIP6 WG.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-le-mip6-firewalls-01.txt
To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of the message.
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.
Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
"get draft-le-mip6-firewalls-01.txt".
A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
Internet-Drafts can also be obtained by e-mail.
Send a message to:
mailserv@ietf.org.
In the body type:
"FILE /internet-drafts/draft-le-mip6-firewalls-01.txt".
NOTE: The mail server at ietf.org can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-le-mip6-firewalls-01.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/i-d-announce
