> Building a secure firewall takes more than just knowing how to issue > ip6table commands; one also needs to know exactly what goes into those > commands. NANOG concentrates on network operators who need to provide a > good Internet experience to all their downstream customers, which is why I > see the bias toward openness...as it should be. Those of us who run edge > networks have different problems to solve. >
NIST has very good publication on this subject : http://csrc.nist.gov/publications/nistpubs/800-119/sp800-119.pdf (Table 3-7 is a must read for any IPv6 newbie) Denis
