[Freeswitch-users] ipv6 - any fans?

curriegrad2004 curriegrad2004 at gmail.com
Thu Aug 23 22:10:12 MSD 2012 

IPv6 isn't hard to deploy. In fact it's way easier to deploy than IPv4. I
would agree that getting the firewalling right is the crucial part on
getting IPv6 deployed securely. A perfect example for firewalling an IPv6
network with iptables via the FORWARD chain can be done this way:

-A FORWARD -s [Your IPv6 Subnet Here] -j ACCEPT
-A FORWARD -d [Your IPv6 Subnet Here]  -m state --state RELATED,ESTABLISHED
-j ACCEPT
-A FORWARD -j REJECT

On Thu, Aug 23, 2012 at 10:17 AM, Brian Foster <bdfoster at endigotech.com>wrote:

> +1. Most of the servers I have actually do have IPv6 addresses, however I
> do not use them. I really just don't have the experience to deploy IPv6
> safely. Those servers all have public IP's so really for me there isn't
> much benefit (yet), so it's not on my priority list. FS ipv-6 profile is
> immediately removed prior to first start of FreeSWITCH.
>
>
> On Thu, Aug 23, 2012 at 1:05 PM, Andrew Cassidy <
> andrew at cassidywebservices.co.uk> wrote:
>
>> I'm all for IPv6, just get your firewalling right, depending on your OS
>> it doesn't always share rules automatically. Don't forget your machine will
>> usually have at least 3 addresses too, which can of course be bound and
>> firewalled individually.
>>
>> But as the others have said, the main issue is support in existing kit.
>> Only a fraction of my devices support IPv6. It's good for some things and
>> not doing something just because no-one else is will never push the
>> progression on. The more demand we create for IPv6, the more likely ISPs
>> are to take it up.
>>
>> On 23 August 2012 15:43, Kristian Kielhofner <kris at kriskinc.com> wrote:
>>
>>> Sorry, I just woke up: "there end of the tunnel" = "their end of the
>>> tunnel".
>>>
>>> On Thu, Aug 23, 2012 at 10:42 AM, Kristian Kielhofner <kris at kriskinc.com>
>>> wrote:
>>> > Assuming you're in the US (or most other parts of the world besides
>>> > Asia); it won't work.  Here's why:
>>> >
>>> > Almost no last mile providers will deliver native IPv6 (currently).
>>> > Your customers would have to use a tunneling service like HE to even
>>> > get to you.  First there are hassles setting up the tunnel in the
>>> > first place, then there are issues with latency, packet loss, jitter,
>>> > etc using a tunnel service that has to haul all of your IPv6 in IPv4
>>> > traffic back to their gateway in a central location.  VoIP is just
>>> > about the worst service you could use via an IPv6 tunnel.
>>> >
>>> > You could try to offer your own IPv6 tunneling service but there's
>>> > still the issue of customers setting up there end of the tunnel.
>>> > Besides, encapsulation sucks.
>>> >
>>> > The IPv4 global routing table has at least 424,000 networks:
>>> >
>>> > http://bgp.potaroo.net/index-bgp.html
>>> >
>>> > The IPv6 global routing table has 10,215 networks:
>>> >
>>> > http://bgp.potaroo.net/v6/as2.0/
>>> >
>>> > Granted IPv6 networks tend to be better organized and more "compact"
>>> > (at least as far as advertisements are concerned) but that's still a
>>> > factor of 40:1.
>>> >
>>> > On Thu, Aug 23, 2012 at 8:38 AM, Alex <alex at thewinelake.com> wrote:
>>> >> We've been wondering about trying to offer a service on ipv6 as it
>>> would
>>> >> get around various LAN issues.
>>> >>
>>> >> Just wondered what experiences (good or bad) people here have had with
>>> >> it and also why there isn't more "'buzz"?
>>> >>
>>> >>
>>> _________________________________________________________________________
>>> >> Professional FreeSWITCH Consulting Services:
>>> >> consulting at freeswitch.org
>>> >> http://www.freeswitchsolutions.com
>>> >>
>>> >> 
>>> >> 
>>> >>
>>> >> Official FreeSWITCH Sites
>>> >> http://www.freeswitch.org
>>> >> http://wiki.freeswitch.org
>>> >> http://www.cluecon.com
>>> >>
>>> >> FreeSWITCH-users mailing list
>>> >> FreeSWITCH-users at lists.freeswitch.org
>>> >> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> >> UNSUBSCRIBE:
>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> >> http://www.freeswitch.org
>>> >
>>> >
>>> >
>>> > --
>>> > Kristian Kielhofner
>>>
>>>
>>>
>>> --
>>> Kristian Kielhofner
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> 
>>> 
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://wiki.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>> *Andrew Cassidy BSc (Hons) MBCS SSCA*
>> Managing Director
>>
>>
>> *T <info at cassidywebservices.co.uk> *03300 100 960  *F<info at cassidywebservices.co.uk>
>>  *03300 100 961
>> *E <info at cassidywebservices.co.uk> *andrew at cassidywebservices.co.uk
>> *W <info at cassidywebservices.co.uk> *www.cassidywebservices.co.uk
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>
>
> --
> Brian D. Foster
> Endigo Computer LLC
> Email: bdfoster at endigotech.com
> Phone: 317-800-7876
> Indianapolis, Indiana, USA
>
> This message contains confidential information and is intended for those
> listed in the "To:", "CC:", and/or "BCC:" fields of the message header. If
> you are not the intended recipient you are notified that disclosing,
> copying, distributing or taking any action in reliance on the contents of
> this information is strictly prohibited. E-mail transmission cannot be
> guaranteed to be secure or error-free as information could be intercepted,
> corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.
> The sender therefore does not accept liability for any errors or omissions
> in the contents of this message, which arise as a result of e-mail
> transmission. If verification is required please request a hard-copy
> version.
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20120823/f3e733cf/attachment.html

Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list