What Cisco routers, and what vintage IOS, are you finding have no IPSec support? I've not run into that problem.
-mel beckman > On Oct 4, 2015, at 8:33 AM, Jon Lewis <jle...@lewis.org> wrote: > >> On Sun, 4 Oct 2015, Mel Beckman wrote: >> >> If it doesn't support IPSec, it's not really IPv6. Just as if it failed to >> support any other mandatory IPv6 specification, such as RA. > > Go tell cisco that. IIRC, the first network I dual-stacked, I was kind of > surprised when I found I could not use authentication in OSPFv3, because > OSPFv3 assumes IPv6 will supply the IPSec to do auth...but these routers > didn't support IPSec. They still managed to route IPv6 and support IPv6 > customers...so it really was IPv6...just not the full suite of everything > you'd expect from IPv6. > >> Your observation simply means that users must be informed when buying IPv6 >> devices, just as they must with any product. You can buy either genuine IPv6 >> or half-baked IPv6 products. When I speak of IPv6, I speak only of the >> genuine article. > > Does anyone buy "IPv6 devices"? > > The biggest hurdle I've seen with IPv6 adoption (i.e. going dual-stack, with > the idea that we'll gradually transition most things / most traffic from v4 > to v6) is the number of end-user network providers that don't offer v6 at > all. My home cable internet provider still doesn't offer IPv6. When I asked > one of their support people about it recently, I was told not to worry, they > have plenty of v4 addresses left, but it was implied that they do plan to > start offering v6 sometime soon. They should have started rolling out IPv6 > to any customers that wanted it years ago, so that by today, it would be > standard for all their installations to be dual-stack. But here we are, > nearly 2016, and they don't have a single IPv6 customer (AFAIK) yet. > > ---------------------------------------------------------------------- > Jon Lewis, MCP :) | I route > | therefore you are > _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
