Are there any in-built security advantages or considerations to the IPv6 protocol?
(Dan Miller) Chris Griffin responded that while some people might say yes, he would probably say no. Originally IPsec was designed for IPv6 and then shoehorned into IPv4; however the same restrictions to IPv6 apply to IPv4. You need a certificate authority before IPsec can work and those kinds of things. In the end you are still dealing with a transport level address–that is pretty much all that is changing. There are some restrictions because the address is now longer. Some hardware platforms may not have the ability to do deep inspection on an IPv6 packet. On hardware firewalls you might start seeing some restrictions where you would have to upgrade those. From a usability perspective as a network engineer, it is going to be difficult to poke holes in ACLs based on full IPv6 addresses. Right now they normally specify allowed addresses to various locations. They are going to have to figure out some way of assigning more reasonable addresses for machines which need holes poked. Everyd
