The IESG has approved the following document: - 'Recommendations for Filtering ICMPv6 Messages in Firewalls ' <draft-ietf-v6ops-icmpv6-filtering-recs-03.txt> as an Informational RFC This document is the product of the IPv6 Operations Working Group. The IESG contact persons are David Kessens and Dan Romascanu. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-v6ops-icmpv6-filtering-recs-03.txt Technical Summary In networks supporting IPv6 the Internet Control Message Protocol version 6 (ICMPv6) plays a fundamental role with a large number of functions, and a correspondingly large number of message types and options. A number of security risks are associated with uncontrolled forwarding of ICMPv6 messages. On the other hand, compared with IPv4 and the corresponding protocol ICMP, ICMPv6 is essential to the functioning of IPv6 rather than a useful auxiliary. This document provides some recommendations for ICMPv6 firewall filter configuration that will allow propagation of ICMPv6 messages that are needed to maintain the functioning of the network but drop messages which are potential security risks. Working Group Summary This was approved by the IPv6 Operations Working Group following an extended discussion. The document was originally proposed for BCP status, and was downgraded to informational based on the notion that we should get experience with the document before giving it that class of approbation. We expect to review the document about a year hence in view of operational experience. Apart from that, the working group has been supportive. Protocol Quality David Kessens reviewed this document for the IESG. _______________________________________________ IETF-Announce@ietf.org https://www1.ietf.org/mailman/listinfo/ietf-announce
