Re: /27 the new /24

[Mel Beckman <mel () beckman org>]

Stefann,

You're right. I remember hearing rumblings of vendors requesting this change, mostly because embedded processors of the 
time had difficulty performing well with IPv6. I see that in 2011 rfc6434 lowered IPSec from "must" to "should". 
Nevertheless, plenty of products produced before 2011 included IPSec and the vast majority of IPv6-capable nodes on the 
Internet have it today. Performance is no longer an issue. 

 -mel beckman

> On Oct 4, 2015, at 8:58 AM, Sander Steffann <sander () steffann nl> wrote:
>
> Hi,
>
> > Op 4 okt. 2015, om 16:52 heeft Mel Beckman <mel () beckman org> het volgende geschreven:
> >
> > If it doesn't support IPSec, it's not really IPv6. Just as if it failed to support any other mandatory IPv6 
> > specification, such as RA.
>
> I think you're still looking at an old version of the IPv6 Node Requirements. Check 
> https://tools.ietf.org/html/rfc6434#section-11, specifically this bit:
>
> """
> Previously, IPv6 mandated implementation of IPsec and recommended the key management approach of IKE.  This document 
> updates that recommendation by making support of the IPsec Architecture a SHOULD for all IPv6 nodes.
> """
>
> This was published in December 2011.
>
> Cheers,
> Sander