Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why folks are blocking IPv 6 extension headers? (Episode 1000 and counting) (Linux DoS)
Andrew Alston <Andrew.Alston@liquidtelecom.com> Sat, 27 May 2023 21:33 UTC
Return-Path: <andrew.alston@liquidtelecom.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 55ACCC151093 for <v6ops@ietfa.amsl.com>; Sat, 27 May 2023 14:33:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=liquidtelecom.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WD79LRXMybBH for <v6ops@ietfa.amsl.com>; Sat, 27 May 2023 14:33:20 -0700 (PDT)
Received: from eu-smtp-delivery-182.mimecast.com (eu-smtp-delivery-182.mimecast.com [185.58.85.182]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE5A5C151091 for <v6ops@ietf.org>; Sat, 27 May 2023 14:33:18 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=liquidtelecom.com; s=mimecast20210406; t=1685223196; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=EviCG7xspdc+51bHCyka7My4Zaemx+S1hxnQU+vFea0=; b=ib/mZGb1+1/phdtz+lKIxKuhTJDi9Mnzt2YFEgHrD6Ezu0Cw09Wh2qky7rz+MySpfH7Ops 1vtnG9T6dRKGjyt86oPepKQiicgJIrljW2ft0QG+48MBUY6GpXZjm8vlGbrX8XBe9N1FlD aSr+tLn6aPi8HGrU/zAG1wzWw9D4MzM=
Received: from EUR01-VE1-obe.outbound.protection.outlook.com (mail-ve1eur01lp2057.outbound.protection.outlook.com [104.47.1.57]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id uk-mta-72-OfioWWK3PxOVLQ-tGJG8cw-1; Sat, 27 May 2023 22:33:13 +0100
X-MC-Unique: OfioWWK3PxOVLQ-tGJG8cw-1
Received: from AM7PR03MB6451.eurprd03.prod.outlook.com (2603:10a6:20b:1b3::22) by DBAPR03MB6439.eurprd03.prod.outlook.com (2603:10a6:10:199::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6433.19; Sat, 27 May 2023 21:33:09 +0000
Received: from AM7PR03MB6451.eurprd03.prod.outlook.com ([fe80::a27d:bb3e:ffaa:ad51]) by AM7PR03MB6451.eurprd03.prod.outlook.com ([fe80::a27d:bb3e:ffaa:ad51%4]) with mapi id 15.20.6433.020; Sat, 27 May 2023 21:33:09 +0000
From: Andrew Alston <Andrew.Alston@liquidtelecom.com>
To: "Manfredi (US), Albert E" <albert.e.manfredi@boeing.com>, Tom Herbert <tom@herbertland.com>
CC: "v6ops@ietf.org" <v6ops@ietf.org>, "ipv6@ietf.org" <ipv6@ietf.org>, "opsec@ietf.org" <opsec@ietf.org>
Thread-Topic: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why folks are blocking IPv 6 extension headers? (Episode 1000 and counting) (Linux DoS)
Thread-Index: AQHZkCnS6acxfM7MeEuWMNI3u9MUDa9uYJkAgAA//ICAAAIeqw==
Date: Sat, 27 May 2023 21:33:09 +0000
Message-ID: <AM7PR03MB6451E83F44D1A15FAC64717CEE449@AM7PR03MB6451.eurprd03.prod.outlook.com>
References: <11087a11-476c-5fb8-2ede-e1b3b6e95e48@si6networks.com> <CALx6S343f_FPXVxuZuXB4j=nY-SuTEYrnxb3O5OQ3fv5uPwT8g@mail.gmail.com> <CAN-Dau1pTVr6ak9rc9x7irg+aLhq0N8_WOyySqx5Syt74HMX=g@mail.gmail.com> <a087b963-1e12-66bf-b93e-5190ce09914b@si6networks.com> <CALx6S349nNA8L5+_1hrbWayqp8GfTYypWy_SP57c_Xxams=csg@mail.gmail.com> <51a066b3-4b4c-d573-ffbe-d6b44a4f193f@gont.com.ar> <a411a1b0-c521-c456-3d44-d99a1cc0975b@gmail.com> <CWXP265MB5153E4687BE45480DBC5A531C2439@CWXP265MB5153.GBRP265.PROD.OUTLOOK.COM> <27d28224-0cb0-eec2-8d54-f0d175596c85@gmail.com> <f5758380-9967-b67b-744d-dc36b7b599ab@si6networks.com> <4FCF75B585A1D068+7D9B99BB-B24B-4FE8-A3FD-54877C7C1131@cfiec.net> <375ea678-b05f-7bb6-5ae2-43c54cd271f4@si6networks.com> <CALx6S34u5=2UxEz3zeApv+_-W=PTj0PzMRHS1UC=zRchqVCDyQ@mail.gmail.com> <882610dc-cf8f-e08d-8d9e-0e786097f520@si6networks.com> <CALx6S34AnMaVyEVQxaO0b1JGbQetQvDC+xDHk6aH5vbXM-KT7A@mail.gmail.com> <2a02905427604fa6a4c95e2eaa1dd165@boeing.com> <CALx6S36pmsZighJVBLEZWvYqTh1tJtU4SH2Ym0V7oS87dPWAHQ@mail.gmail.com> <6b3a40ef922c47a483860468aac73502@boeing.com>
In-Reply-To: <6b3a40ef922c47a483860468aac73502@boeing.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_Enabled=True; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_SiteId=68792612-0f0e-46cb-b16a-fcb82fd80cb1; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_SetDate=2023-05-27T21:23:43.0931171Z; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_ContentBits=0; MSIP_Label_99ef9a43-ff34-4715-a5f5-dfd82916d644_Method=Standard
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: AM7PR03MB6451:EE_|DBAPR03MB6439:EE_
x-ms-office365-filtering-correlation-id: 8ac64875-b1c2-4aea-99e8-08db5ef9f77c
x-ms-exchange-atpmessageproperties: SA
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0
x-microsoft-antispam-message-info: Hq6mCF1nEuDI8VOKJX/NT55gy0yuF7picBYV17h9UEpSvERPYu6oodVRWQrTmGoQPUjLoOz9CE/eERY9tTg12ZZJdWEnjVtDCNZts1JbfbN5poUn4HC0WY9XgeYQg2z9ea1kHGM6HoxsBDcIx2+3UY8UKUeQHAwQfrslrLhnzbLgdCtHxxXuYmAnSpks6sgVEUE3921DnF6Sah1a8IOKAf7bDGjxQStl3Q24laF+qbXXlyfa4EJ+/aLXvonURW0H8YRspq1ktnQIxiZUI0eHRECDeU/nGPYbnoKe/K6P2W+X6qEENM0inoau550/IUQ7VXzT74BWlwE7kwnCJ0PXCnpzK/1TdjxJyTjJaN8M0VRIUtnCFP3U9ptPBFwLDIlrE1Vqx4x1cvbI2uaYoLi3kOWv0IJ4hU2FPrYQVJsLhd7VYQ7zQOd+sUjNhfdYKrIftiF8LOWw3DnnwoClvCYFg09BS5C9FEV2aDfYnJCLAJfRGbutndKyWTUEO5SVJmSHE+GpNn/xIJU1RFsAYaKeDq+9W1EweKhkgfJInx4tD+tpAulSBwcToCfpkZZN/wckhqN89xJOV0NHpusmSh1b85MT+tahqd1WecycBh1zlFzA0qa4G0QEPDJlc78QSlHsOI0DS49H7AeY8qPczA4nmjgiYFJPYl6fK9NCZv7+clc=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:AM7PR03MB6451.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230028)(4636009)(396003)(376002)(366004)(136003)(39850400004)(346002)(451199021)(86362001)(2906002)(186003)(66476007)(66446008)(45080400002)(76116006)(66556008)(66946007)(64756008)(38070700005)(4326008)(91956017)(53546011)(166002)(9686003)(6506007)(26005)(83380400001)(33656002)(5660300002)(66899021)(8676002)(966005)(8936002)(38100700002)(52536014)(55016003)(7696005)(71200400001)(41300700001)(122000001)(316002)(478600001)(54906003)(110136005)(221023011); DIR:OUT; SFP:1102
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: jKlrrdoRZnIY2W0lnkKZVszCeH/BWLq+dhrd0DqBY6d+mTWOn9AEEp/b/qdZEiTdyc2u38Q+G7DN4G73TiKc+TPQYZz0HuUvCDsjztmePozzF1SccvAkRvNjaL07X7+LCYnsUHyheQynh6l4j3XSOQM0oezDHIKAI7XhLZyvr1+Dg7VCeX75jhghN8oHZmWD5B7kMdmZwl0YnFon9oDswrkIDRccbED/hTE35CrOl+eBtLgr3RjB1zbk89LpCWclx2cOe8fzyOLIkXXw+yz5UN1MDb4/n6+82OXm8V4eT3YBWp4xSm98Zn4MO+a+Zis5/MzFdhgcQw63mankO5DcBo5nSiBfYhpIoGVQhLdESjC5BQ6LjJfdBtUv6KYVbti35xP315SadovzdNJyUVy0N6gtFY6WggnWh++aujpFswtl8OS9GkZGdF5PrxBpyG6uBs1mi0PmCEOGAbbs+xjMjak59SPqpFCZNAZTvxIxT9r3dAJH+maoBuY2laIE/1JS5v2zrQXgCkcXB1Hzj2BDKzxaaA6n8jN8CuDd79WbIr3zJvSI5di7XxWxgj0JoOju0R8NvA72iTkCiDKRcgTd1+omaKuR66LsFRxCreSSCol9fx0cZz2bM6QKXBTAcDRsrDCs9ObD0QxbFRh253hXtlfFH5tAx9hITOOfSa7ODYY823oH9FNGvgaCdoLSf33m2ev4Q3WaNh8VppLOkhvgrCey6dCoM2eEtszQNhSllH9NKgE4DsCQ3TQcSTIEpq13KU1QAhlE3ViEgXr8xUq9LhFOKdV6ftriLFQMW9ZEPZuQ08rnPB8Hknf3iC7M9ih3EngAcrAhaRkb/YkQhBeMCC56iOYtti6Ac5EQ4ice9DHztnNrCz0SiQBshTd1M9elw0nIgpxc8oKn4JQDID1xw6rI7Ait4zxVi4dEwkdZiEXkb0qnPyj6cAVHJZ5wfIF5xpIjO890azCE57Kndx31H3VOKGZheTEo9GOmf868S7OQvMATdRv+oZ+93xVafCzR+F+J9DHCCE+7a026zNKgqJqjn01eFP55VdVP9CzUbuWCXSJLatx0XXFVqE/P+ODuZInZox5lEYaBAYGJ4pKd9H+TjqQ/H6EMd3vS0kfAOzAO3HawFHu9uvsx+AUHfGpxG4vlC2mW9GsLRIzz5i1i1xnaZMclOP9+ClY8wGrHIGXtYZhJKjv4EYl0wmXSAT4DY27O8ZyQZz/na35dTRT/swD4610SxAUGr33v0X0kIfTTvq8+XwvqxvuNQvoVkTSmvXPN0zKXjaHIt1EPodGhm6hLZVKtfP0KuqeQv1Wos8Ygz3E8JdOMPEqjVaNDEBX87z5h8Jru+BTD/9jDqAQP/GQvlSC6bMYvNyhMm9o1FHfcV8o7jN7PJ2cw8fUpIN6knMzag7Toxgt2Ay9fTlchX5XxCDoK+KW4EvKWeXwpkduLQAzzNw6WcM4SKNAk8ZqEr4O7qk1istUm0uvufNx7kHykOC6wFEgpEjpsHD9lk7emtRrR6DHoK9pZr5y+A2kVVa7RvOrd5Y0LdeRwWdUXBEaHi5hkyRxWI4GtFcLUDYgAZ0IXz8TBw/YFFmdDlTEU4uCOAA4xuc5yXKjUrNE+Y9V6lnB5ZKa0IvjKJ5lRvqg=
MIME-Version: 1.0
X-OriginatorOrg: liquidtelecom.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: AM7PR03MB6451.eurprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8ac64875-b1c2-4aea-99e8-08db5ef9f77c
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 May 2023 21:33:09.4987 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 68792612-0f0e-46cb-b16a-fcb82fd80cb1
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: gTB2KtJspA54Va8O5CWHUREnvXIM6qZ43vmL1KEMav66/8zSbE9Ix1oA/pmiplUbZdzjPHUYuAIOhkWXL3vCQxQnrGJi0/qh+cIrJZ4D+2Y=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR03MB6439
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: liquidtelecom.com
Content-Language: en-GB
Content-Type: multipart/alternative; boundary="_000_AM7PR03MB6451E83F44D1A15FAC64717CEE449AM7PR03MB6451eurp_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/v6ops/bDTJkGCTKBaD3_o3Z7ocPZPR0SE>
Subject: Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why folks are blocking IPv 6 extension headers? (Episode 1000 and counting) (Linux DoS)
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 May 2023 21:33:25 -0000
Speaking strictly in my personal capacity wearing no hats. I sit on both sides of this fence - there are many extension headers that I wouldn’t block - there are others that I certainly will - mainly because they represent a fundamental security risk my view. So that leaves me with a choice - permit the headers through my network because people wish to use them - or filter them to protect myself and my customers. I choose in the case of certain headers (srh would be top on that list - for all the reasons detailed at https://mailarchive.ietf.org/arch/msg/v6ops/GbWiie-bjQ_Bp1JKB1PlDh_fPdc/) to err on the side of caution and filter. Keep in mind that what may seem like an arbitrary decision may well be driven my conscious decision that is simply not as public as some would like. I point out that the standards mandate support of certain things - but they do not - and cannot - mandate how operators choose to run their networks. If I feel something poses a security threat - or if I know for a fact it does - I'm gonna block it all day long. Just my thoughts Andrew Get Outlook for iOS<https://aka.ms/o0ukef> ________________________________ From: v6ops <v6ops-bounces@ietf.org> on behalf of Manfredi (US), Albert E <albert.e.manfredi@boeing.com> Sent: Sunday, May 28, 2023 12:16:09 AM To: Tom Herbert <tom@herbertland.com> Cc: v6ops@ietf.org <v6ops@ietf.org>; ipv6@ietf.org <ipv6@ietf.org>; opsec@ietf.org <opsec@ietf.org> Subject: Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why folks are blocking IPv 6 extension headers? (Episode 1000 and counting) (Linux DoS) -----Original Message----- From: Tom Herbert <tom@herbertland.com> > Correct, that's the fundamental problem. When public network providers apply ad hoc protocol filtering, that limits the capabilities and opportunities to provide value to the users. For instance, if someone came up with a new transport protocol that improves user security by 10x, we couldn't deploy it because some network providers would block it. So the very security policies that are ostensibly in place to protect the users can actually harm them. Potentially, I agree. Problem is, each of the players has to determine what is an acceptable risk. If an ISP wants to keep his infrastructure secure, he's got the responsibility to make it so, as best he can. He can’t trust mechanisms that either don’t exist yet or that might introduce their own new vulnerabilities. Someone says, trust me, these extensions will be for your own good, and yet he is fully cognizant that those extensions could also be used in ddos attacks, he'll say thanks but no thanks. Maybe I'll let those through after we're satisfied with testing and experience. > As for what constitutes the "the greater good", like pretty much everything else in IETF shouldn't that be something determined by "rough consensus"? Yes, but unfortunately, that does not absolve the players of their own responsibilities. In matters of security, no one will blindly follow "rough consensus." We are 180 degrees from the Postel principle: "Be conservative in what you do, be liberal in what you accept from others," is turned on its head, as we know. For system security, you cannot be liberal in what you accept from others. > Even if the consensus were that extension headers need to be deprecated, to me that would be better than the current situation where we, specifically application and host developers, need to deal with a patchwork of anonymous and seemingly arbitrary network provider policies that degenerate the end to end services we can provide to users to rely only on least common denominator of protocols which we can only deduce by guess work. I get your point completely. We don’t have an IETF dictatorship though, so what happens is that over time, smart people have to decide how best to do their jobs, given the realities of today. There is a lot of infrastructure flexibility, and apps, thought really cool when they were developed, that go unused for just this reason. Such as, you might be better off, in your network, to use proxy-MLD and to block PIM-SM. Same goes for some or even much of ICMP. It's the tussle Brian C talks about. Bert _______________________________________________ v6ops mailing list v6ops@ietf.org https://www.ietf.org/mailman/listinfo/v6ops<https://www.ietf.org/mailman/listinfo/v6ops> Internal All Employees
- [v6ops] Why folks are blocking IPv6 extension hea… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Ted Lemon
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… David Farmer
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Jen Linkova
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Vasilenko Eduard
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Andrew Campling
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Andrew Campling
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Nick Buraglio
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Dale W. Carder
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Nick Buraglio
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Nick Buraglio
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Ackermann, Michael
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Xipengxiao
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Michael McBride
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Ackermann, Michael
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Brian E Carpenter
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Ole Troan
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Haisheng Yu
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Andrew Campling
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Bob Natale
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Ole Troan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [EXT] Re: [OPSEC] [IPv6] Why folks ar… Bob Natale
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… David Farmer
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Michael Richardson
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Ole Trøan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… David Farmer
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Ole Troan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Ole Troan
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… nalini.elkins@insidethestack.com
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Fernando Gont
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Fernando Gont
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Tom Herbert
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Brian E Carpenter
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… Michael Richardson
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Brian E Carpenter
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Brian E Carpenter
- Re: [v6ops] [IPv6] Why folks are blocking IPv6 ex… hsyu
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Fernando Gont
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Arnaud Taddei
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Vasilenko Eduard
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Arnaud Taddei
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Vasilenko Eduard
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Arnaud Taddei
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… nalini.elkins@insidethestack.com
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… nalini.elkins@insidethestack.com
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Brian E Carpenter
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Bob Natale
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Haisheng Yu
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Warren Kumari
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Ole Troan
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Warren Kumari
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Andrew Campling
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Fernando Gont
- Re: [v6ops] [IPv6] [EXTERNAL] Re: [OPSEC] Why fol… Fernando Gont
- Re: [v6ops] [OPSEC] [IPv6] Why folks are blocking… Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Fernando Gont
- Re: [v6ops] [IPv6] [EXTERNAL] Re: [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Fernando Gont
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Clark Gaylord
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Tom Herbert
- Re: [v6ops] [IPv6] [OPSEC] Why folks are blocking… Fernando Gont
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Brian E Carpenter
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Brian E Carpenter
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Manfredi (US), Albert E
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Andrew Alston
- Re: [v6ops] [EXTERNAL] Re: [IPv6] [OPSEC] Why fol… Tom Herbert
- Re: [v6ops] [OPSEC] [EXTERNAL] Re: [IPv6] Why fol… Andrew Campling
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Tom Herbert
- Re: [v6ops] [IPv6] [EXTERNAL] Re: [OPSEC] Why fol… Mike Simpson
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Haisheng Yu
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Nick Hilliard
- Re: [v6ops] [IPv6] [OPSEC] [EXTERNAL] Re: Why fol… Fernando Gont
- Re: [v6ops] [OPSEC] [IPv6] [EXTERNAL] Re: Why fol… Bob Natale