IPv6-only network--is NAT64+DNS64 really this easy now?
list_freebsd at bluerosetech.com
Wed Jun 26 18:57:32 UTC 2019
On 2019-06-25 8:23, Lowell Gilbert wrote:
> Mel Pilgrim <list_freebsd at bluerosetech.com> writes:
>> Yes, that is why I wrote "Waving a hand at bug-hunting and
>> lamentations over the inertia of embedded systems designers".
> I'm an embedded system designer, and the system I develop works fine under
> IPv6. We say we don't support it, because we don't specifically test it,
> but a lot of the time the applications are1 actually running over IPv6
> without anybody noticing. The Windows GUI pieces can't configure IPv6
> addresses, but we really prefer running with link-local anyway.
That's the problem, though. If the vendor doesn't support or test it, I
can't rely on it in production. That's a big part of what I mean by
lamenting embedded systems designers. Until we have IPv6 parity, all
those printers and multifunction devices sit on their own IPv4-only
VLAN, accessible only through print servers so that I don't have to
worry about things like unsecured SNMP over IPv6 because the vendor
didn't bother making their ACLs dual-stack or only added the "read-only"
config bit for IPv4, leaving the IPv6 SNMP open to unauthorized writing
(actual observed behaviour with a major printer manufacturer).
More information about the freebsd-questions