Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why folks are blocking IPv6 extension headers? (Episode 1000 and counting) (Linux DoS)
Bob Natale <RNATALE@mitre.org> Thu, 25 May 2023 22:15 UTC
Return-Path: <RNATALE@mitre.org>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D40F2C151B20; Thu, 25 May 2023 15:15:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.398
X-Spam-Level:
X-Spam-Status: No, score=-4.398 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=mitre.org
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n6L1frPM3-_2; Thu, 25 May 2023 15:15:07 -0700 (PDT)
Received: from smtpvbsrv1.mitre.org (smtpvbsrv1.mitre.org [198.49.146.234]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BB72BC151B1C; Thu, 25 May 2023 15:15:06 -0700 (PDT)
Received: from smtpvbsrv1.mitre.org (localhost.localdomain [127.0.0.1]) by localhost (Postfix) with SMTP id D7999132E02E; Thu, 25 May 2023 18:15:04 -0400 (EDT)
Received: from smtpxrhbv1.mitre.org (unknown [198.49.146.55]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtpvbsrv1.mitre.org (Postfix) with ESMTPS id 89328132E026; Thu, 25 May 2023 18:15:04 -0400 (EDT)
Received: from GCC02-DM3-obe.outbound.protection.outlook.com (mail-dm3gcc02lp2104.outbound.protection.outlook.com [104.47.65.104]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtpxrhbv1.mitre.org (Postfix) with ESMTPS id 6C1F6413DC7; Thu, 25 May 2023 18:15:04 -0400 (EDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LLYoe25+YQuHqTZBzhlpdT+iEKY+NooiHIoUukI9Al+uwIccLSWi39IVVQAqoxw7BsB/mO1hd313eUI+qcPlrqZIDxP6V9yAKRAbW7oMsPU/3+7XeKEutEOf0HNHmxGXh6a6ROOqKGpBi67UF9Z2H+1Ubho7z0Ac8bBa0xPrEuP18cRYrRSCzv/SjSNXee+NgN6JYqEX0hOAhECOtPDKrQVvv4hwkyznjkVBktbqojT0jKZMq3YvzZ1ua8t2HJxFGTAxHDEx67RyUuWb2hGddiM1/z8JHbIxmLZlvq88K0RjCZi8EsIcxbu0ohWPhn7/gjB9wMy6fWsHtKggyJGKbw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=HJ1Q82p65adwDDWQ+cQ9aEjit8RHy8+9o5A7fX+CH7c=; b=Yp0Y50WVTB2yjejUVHZ7DOUbJgsPEou0Z4SDyCWIzO3L2VZP1IdsJmTeBl0MyElSbFf1kbtrfKSdio3VffqTlMFqussOVQE192tcBMcjOoV6RvBx7/ZnjZVh4shT5gXc8jH5qTCKwQuBMGVdovbOLTA6TMWXyxyZhvIRkZ3ap4QsqGPSMs8gpuZ34C6fIjUwDPRvBhv56EkOicJVgyzU0wexVrfH3cyp+DSSgLFceg4zhGnUYSEXZi0WPkstkVs6YCXTQ5xp5jsJ1zWuvXusE34jBM6XB8zJY5Wnzs4QbN1SyIutZImUMvOEAGtS1CjHxQcs0HZopr217pANByVd9Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=mitre.org; dmarc=pass action=none header.from=mitre.org; dkim=pass header.d=mitre.org; arc=none
Received: from MN2PR09MB4716.namprd09.prod.outlook.com (2603:10b6:208:216::19) by BLAPR09MB6594.namprd09.prod.outlook.com (2603:10b6:208:2a5::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.16; Thu, 25 May 2023 22:15:00 +0000
Received: from MN2PR09MB4716.namprd09.prod.outlook.com ([fe80::13cf:6f04:8e99:9811]) by MN2PR09MB4716.namprd09.prod.outlook.com ([fe80::13cf:6f04:8e99:9811%4]) with mapi id 15.20.6433.017; Thu, 25 May 2023 22:15:00 +0000
From: Bob Natale <RNATALE@mitre.org>
To: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
CC: IPv6 Operations <v6ops@ietf.org>, 6man <ipv6@ietf.org>, "opsec@ietf.org" <opsec@ietf.org>
Thread-Topic: [OPSEC] [v6ops] [EXTERNAL] Re: [IPv6] Why folks are blocking IPv6 extension headers? (Episode 1000 and counting) (Linux DoS)
Thread-Index: AQHZjxS4rUKmcSGJ40CNRGJCvQwKLa9rbm8ggAAO3ICAAAhvAIAAB+3w
Date: Thu, 25 May 2023 22:15:00 +0000
Message-ID: <MN2PR09MB4716AC6A2B257315A4B210DEA8469@MN2PR09MB4716.namprd09.prod.outlook.com>
References: <11087a11-476c-5fb8-2ede-e1b3b6e95e48@si6networks.com> <CALx6S343f_FPXVxuZuXB4j=nY-SuTEYrnxb3O5OQ3fv5uPwT8g@mail.gmail.com> <CAN-Dau1pTVr6ak9rc9x7irg+aLhq0N8_WOyySqx5Syt74HMX=g@mail.gmail.com> <a087b963-1e12-66bf-b93e-5190ce09914b@si6networks.com> <CALx6S349nNA8L5+_1hrbWayqp8GfTYypWy_SP57c_Xxams=csg@mail.gmail.com> <51a066b3-4b4c-d573-ffbe-d6b44a4f193f@gont.com.ar> <a411a1b0-c521-c456-3d44-d99a1cc0975b@gmail.com> <CWXP265MB5153E4687BE45480DBC5A531C2439@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <27d28224-0cb0-eec2-8d54-f0d175596c85@gmail.com> <f5758380-9967-b67b-744d-dc36b7b599ab@si6networks.com> <72784f8e65f34bcc9f5652c0a553c70c@boeing.com> <CALx6S373P2X-JRbCNpOCGuq_Cum0+OzJFRBkuQ64h5R52B7Dhw@mail.gmail.com> <222731ea012b4b0ebd7a51f72b5bcd40@boeing.com> <dd61024e-1bd8-ff3d-216f-22cc7600ad10@gmail.com> <fb20cb79bb3b44378d25bd5ea65b89c5@boeing.com>
In-Reply-To: <fb20cb79bb3b44378d25bd5ea65b89c5@boeing.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=mitre.org;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: MN2PR09MB4716:EE_|BLAPR09MB6594:EE_
x-ms-office365-filtering-correlation-id: e13b5f4a-0b9f-4642-539d-08db5d6d7b4b
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 7TA1tJ9aVOeZnFs/EOsPm6qfQ4qSpWeKGEDfmSCCg45vGSjj7siDxaMRdWKqstE68fBa2/XQj6yoLuWkzf691YY+0JAvMlCO14dOZWa4It8Xvk+dP9/rHgQX0gwtV8zgzDGVdAiw0H6Z/Bpvnl2kCCj+SVZpvBL1qgePVHhblWMWLJMglOdTkh3L/ryZezm2NawP8+F0XFrrxdwxK3ZlHp+0Q8x/ojkZ/nNZF+fIFZ+P93TWL49nMklvoZ6TrX2WocnSbP2CBilBtMJYLRLRCI033OehKC+overZMEUxHpNyYbMKnl8jxxN49Cw6HHsWPlVIJ/ZoBJKwu1aOnKGjb5QpzqCaVIgirP95HRJQbdwwyPedVwqucetCbhoM5nDyJPCfaH3E6CSyj/839Z42kZYlKzVB5n7xHsKAJEmsIuKBQLpP+VNtZbvauleYMF+sRUwosRcNR075difv7590kQ9IYLfTKi3fzYkuxNo5FbJDBVdFUyHZNbU9bb0cdSJcGlOKQAMzq1lvkpZKT1+jtg9iWIJBZfajUd2uoaEmPwrLYcpcWWEzY9kzwfWt/wQSfMq5PtCJ7Orx4StGlpXcJniS+Oa3ZKshvF2LyLbrFaRBrrsLxgOeuHsMdwXElsOX
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MN2PR09MB4716.namprd09.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(366004)(451199021)(4326008)(33656002)(55016003)(6506007)(53546011)(86362001)(8676002)(8936002)(9686003)(26005)(186003)(110136005)(5660300002)(83380400001)(76116006)(52536014)(54906003)(64756008)(66556008)(66476007)(966005)(66946007)(38070700005)(66446008)(122000001)(71200400001)(498600001)(7696005)(38100700002)(66574015)(2906002)(221023011); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: diExr/nMNE8spui/mUC90cwB1YxFrSUV27SRZM/XDVZfaCfzGJp0IFAldUpmNalelgESI3nQfE///tIeCliINdJ/T4ReGSHdLSAP0AJS4uj3ZCvmkU+5rbshieX/zpXxUBMXqEc6kwlO7cduzZTJ19yVPJ4LjvuOuSiOeUhi6GyrIrGcnMKID3Hy2IaybHMmW8A26PU8tydGyUt+f8DucdZlOaIo76TdHbdOIWIHqcBx/QQ6x9ZqrG+ThJ+2gx4spQE/qQrJvzL7baMTEJz1ycPYc8r5qMbh8HA+8zcjsCcpfC/2690fE64fM23Jj5Ihf2FrlmH5BmImmo7ar7m+sHPPJxUfplQ4Ufy8m3KBYC/IFZVwREMvYy6whjsHgDFp+0uTNirixRr1atOKhI0/pV8NSjGy37iqb4CXQd9Q2EpSygsa4zosrKhsXfYzXCFkKAr9zCX+G8MwWFqYMwmHUBY/x5h02jB5wUaWRpHHdr/0XA3jc9PDddyJIHvqcUQccdNvdeRr1bj0ziSRYAQL3zUJGDTkJ31DF/blOOxlsAP3L464PGh4InQZe7d1Z10W4v/XUU+4Ptqgqncu0yS0M92wABL+2HMRu7Tc7tyMcf1xW0kTog1FHpoAQ/HgZJ6ZiIWfhO/1rV4FcNECjCpSdDpF7eJaXLTbveSI+l7rAAck7HMKjFffIiv9cDYDwsk2dyp8jVG6cVVvWN+HhDAmnqOHLdON4PFWZk/mcT8sbktNMcjXiRyav8aeX/fKT55lPcRzSp0mPnMw73b2+pav1M+6eJmagrFeaD7XriNr6eYihsKcnu3Udb63EvB1mSvtvppzt7J6lyklPZlTTnGsgvEVKw6gZJEqlrG7rkCLdYGMevhF3IG9KDEoES+K04TFhpWTr0kTt7fWKrkh2b5WW1w9tWowhRpGdpGk1vv4L0q8oSXfoH8ievwJqyLdu96WhFKYDD63nVDK8vQ6M723byMb8OktCRynqGUa6CZ/WBfs42RI4lSsDGVtA1RWmWAN2nh30qAjh4ZUTWc6xs45asGfBsg5yBZ/OSdKER8mMhe1w13M/n01KjBIqCN9GompVvrkFaHadWmkbSk2HqrVi6EQHmPtlgE9J4hjt3lRasC2wVEqdO/lBRmm7MFfGgaPwr9W2u5AwNxTAz5rD3XKtV2xSXMUDQm8pGnjoVC07plb76JXMcYdrSAz3vcfQTIVc8Y9FXAxulHQf9FOH/ve9YRC839RNrQyFoHrnKPqOlpcU034R5/LaG7hG9Uo+dmQXkLcEeNKQQ+wc7BScsIBJrqr8dpQ+KCvs/e8q3B7qRfLluBLorhWvm59o/gfzREUpDaFq7uT4G34BL3zvrIVHIzQ4xxD6w/5CTDqPobgBBl7XkTNrCFUx9VVTIKev7/vr3hUEWNtIa9J8HBjESudWuBdo50AgJktfV2/WPaV4sKth1Je+WlgEjQTWcZYPyPCrXTJM6FFcQaJ3xkiJLN7tSXPMDcCUURVCiBUgTQrRMQKuwmqMkgkYyI3TWIbwYOAaM6yzdxxCbTTziCcsUdLSrKX+9Rf66QBkqnP7bDQLSM=
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: hUHzA/Y8MG05vo6CiXPVJO75+0MZnviYD9S20kj+m6KGMrM8F2P8vKfza0E6SxT4VnIrkzUr7iOQwJGYTNd8kw2nb8GbZrXUf9lmt3t4aoHZm/AW+GvifLNnZDZWZNi4ssE3O3kPfgXSVEFh4yh36+KWY3DFmWljo6AQB9BJ1Cbr4lnOZYLiwx4CORuqytVpZpbDsO6jfYJNP1sv+LoCvZxVa1Qtn08ZgIcZxBkvXxt4qEYOwfoBG2nSr+yxQcveB8000qnpmYN7GdIgd3Sq4L7eh9SkV6OxnJpzRSX9CgfcHtmKlFpHzOLq1jLhjyzQK8oon/AAQPJizXZ29siLfooZvUza9AEhCFQ7UFsFwinuTdgeRynL270bSvWrGyTkmhQSUxFenYvmi7aTDQI0hmc11+YNGM9pYD9xH988P0Jv4OmhLcxFOO17BO3JP4PiIzvdnncFgLVsd2P3IT7qkSyVnXPLBFP86o+ucMKN/9vwDitHGyiEsMWn+uydTnSnyPLARMKF9thUBZ8oAJEWv0iV/b8hwG7v/1c7qn7h0yNOjtdnG2BZi43k9tq90UuDRHgiTmoYQ7HqdKSRNrlRXv/H6HfJB2pHtStww+L9PomLlHsqC4PHMdtZgZ0NxiCOhFidvf0WHFGQmjT5WVM5Vjs+nSUy85y5BvrMXgaabJGU6gp7m4y5bqBgfidnOQy4Uuh1gHRDAoUaJ81wimLvyfanJZIGTtcN7XMq0aH4xUWqzncsDkbTorpWsI9mQxZcNAw0JD5bKPGPZSZr0Ro+whQkWBFjGGTV/H8mEu6tzixYzQQokTSJftj93SmJpKAPQ2kNMUJ8hRRJT+2g7iZvFQ==
X-OriginatorOrg: mitre.org
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MN2PR09MB4716.namprd09.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: e13b5f4a-0b9f-4642-539d-08db5d6d7b4b
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 May 2023 22:15:00.4308 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: c620dc48-1d50-4952-8b39-df4d54d74d82
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BLAPR09MB6594
X-MITRE: 8GQsMWxq66rxk57w
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mitre.org; h=from:to:cc:subject:date:message-id:references:in-reply-to:content-type:content-transfer-encoding:mime-version; s=mZkevYdL; bh=HJ1Q82p65adwDDWQ+cQ9aEjit8RHy8+9o5A7fX+CH7c=; b=s7cR9MV6XF+z2dv65lFINik5IysyHWBMSc6a8vYcBtQ6YtsylKj80wk0EODhMjHdv5Q5q7ZI8kfyK8hpU2BsFNzbAirUIDjHBrAeaaQcl9KSEZxqqT81r85PXwVtoKNZreEPGp/aLDNGNOAVU/wb4cwxBmOeCL/ef3XMU038Bq4=
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/3ceUc8NLdndcJWR7avj8f6X7bBw>
Subject: Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why folks are blocking IPv6 extension headers? (Episode 1000 and counting) (Linux DoS)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 25 May 2023 22:15:10 -0000
Speaking of sales pitches (and IMHO): "Zero trust" is an oxymoron in all but trivial operating environments. (That's a blasé assertion anyway ... we're on to "observability" now!) BobN -----Original Message----- From: OPSEC <opsec-bounces@ietf.org> On Behalf Of Manfredi (US), Albert E Sent: Thursday, May 25, 2023 5:44 PM To: Brian E Carpenter <brian.e.carpenter@gmail.com> Cc: IPv6 Operations <v6ops@ietf.org>; 6man <ipv6@ietf.org>; opsec@ietf.org Subject: Re: [OPSEC] [v6ops] [EXTERNAL] Re: [IPv6] Why folks are blocking IPv6 extension headers? (Episode 1000 and counting) (Linux DoS) -----Original Message----- From: Brian E Carpenter <brian.e.carpenter@gmail.com> > It's perfectly fine if a host chooses to block incoming packets for any reason whatever, including unknown extension headers. That's quite consistent with the *network* allowing permissionless innovation. Right, but, as others mentioned, there are likely going to be IoT devices in my home, or in my enterprise, which are not as updatable as my smarter boxes. And those need protecting too. So the easiest approach is to keep out anything potentially harmful from the inside network. Also, this same sort of security gateway model is used in the defense industry. Put the burden on some gateway box rather than relying too much on individual hosts. Why? Because "We don't necessarily trust the vendors of individual hosts, so we'll use a broader brush approach." This is real. > The problem arises when any upstream intermediate node drops a packet because it doesn't like it for some reason. There, you immediately create the tussle between transparency and security, and I strongly suspect that there is no universal way of avoiding that tussle. Not every new feature has backing from Google. Agreed, and my bet is, the tussle will favor not banking too much on header extensions, when security is an issue. And security is increasingly an issue, as we have seen over past decades. > I don't want my ISP or my CE router to block any extension headers. My bet is that over time, IPv6 CE routers will likely block anything unneeded by default, and then maybe permit users to go to "advanced options" to fine-tune the router to their special needs. And as we know, the very vast majority will never attempt any such thing. (Just as the very vast majority never even change the default name of their home WiFi access point.) I understand your point about the IPv6 sales pitches. Skepticism about sales pitches is not unusual, however. Bert _______________________________________________ OPSEC mailing list OPSEC@ietf.org https://www.ietf.org/mailman/listinfo/opsec
- [v6ops] Why folks are blocking IPv6 extension hea… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Ted Lemon
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… David Farmer
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Jen Linkova
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Vasilenko Eduard
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Andrew Campling
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Andrew Campling
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Nick Buraglio
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Dale W. Carder
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Nick Buraglio
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Nick Buraglio
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Ackermann, Michael
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Xipengxiao
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Michael McBride
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Ackermann, Michael
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Brian E Carpenter
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Ole Troan
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Haisheng Yu
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Andrew Campling
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Bob Natale
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Ole Troan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [EXT] Re: [OPSEC] [IPv6] Why folks ar… Bob Natale
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… David Farmer
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Michael Richardson
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Ole Trøan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… David Farmer
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Ole Troan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Ole Troan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Brian E Carpenter
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Michael Richardson
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Brian E Carpenter
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Brian E Carpenter
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… hsyu
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Fernando Gont
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Arnaud Taddei
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Vasilenko Eduard
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Arnaud Taddei
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Vasilenko Eduard
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Arnaud Taddei
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… nalini.elkins@insidethestack.com
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… nalini.elkins@insidethestack.com
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Brian E Carpenter
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Bob Natale
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Haisheng Yu
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Warren Kumari
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Ole Troan
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Warren Kumari
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Andrew Campling
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Fernando Gont
- Re: [v6ops] [IPv6] [EXTERNAL] Re: [OPSEC] Why fol… Fernando Gont
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Fernando Gont
- Re: [v6ops] [IPv6] [EXTERNAL] Re: [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Fernando Gont
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Clark Gaylord
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Brian E Carpenter
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Brian E Carpenter
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Andrew Alston
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Andrew Campling
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Tom Herbert
- Re: [v6ops] [IPv6] [EXTERNAL] Re: [OPSEC] Why fol… Mike Simpson
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Haisheng Yu
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Nick Hilliard
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Fernando Gont
- Re: [v6ops] [OPSEC] [IPv6] [EXTERNAL] Re: Why fol… Bob Natale