> * Only HTTP, SMTP, FTP, and DNS traffic are permitted through an IPv6 > Native firewall (pings, traceroutes etc. are dropped) Why? Shouldn't we be prompting good firewall practices? Droping ICMP was a knee jerk reaction to ICMP echo to directed broadcast addresses. Modern routers can be configured to drop directed broadcast packets. The need to block ICMP has long gone. All it does is make debugging the network harder. Mark -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews@xxxxxxx _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf