[colug-432] tunnelled IPv6 -- was: Looking for info on Columbus
R P Herrold
herrold at owlriver.com
Wed Mar 9 12:14:10 EST 2011
On Wed, 9 Mar 2011, Rob Funk wrote:
> On Wednesday, March 09, 2011 11:49:10 am R P Herrold wrote:
>> It is not at all clear to me if or how one sets up traditional
>> 'tcp wrappers' in v6
>
> IPv6 is in the IP layer, below the TCP layer, so tcp wrappers should be
> completely unaffected by the switch to IPv6. Depending on your tcp wrappers
> configuration, however, DNS issues in IPv6 may bite you in tcp wrappers.
Understood -- but it is a matter of testing.
The current 'man' pages set out the manner of specification of
IPv6 entries values as hardcoded numeric ranges in the
/etc/hosts.allow and .deny files
Name based ACLs reaching to AAAA and CNAME records drag in the
DNS tests I mentioned and have not completed yet [not that I
use named based that often other than 'localhost']
I've just not tested it yet, so I don't trust that my
understanding of it is accurate
... but then I need to roll in DNSSEC as well, and that has
not hit the top of my list yet either ;)
-- Russ herrold
More information about the colug-432
mailing list