nanog mailing list archives

Re: /27 the new /24


From: Mel Beckman <mel () beckman org>
Date: Sun, 4 Oct 2015 14:27:27 +0000

Keep in mind that IPv6 has IPSec VPN built into the protocol. It doesn't need to be in the router. 

Unlike IPv4, where the IPSec VPN protocol is an add-on, optional service, with IPv6 it's built into every device, 
because IPsec is a mandatory component for IPv6, and therefore, the IPsec security model is required to be supported 
for all IPv6 implementations. 

Thus it is a true end-to-end secure transport between two nodes -- even when those nodes are behind a firewall. You can 
still create IPv6 VPNs from site-to-site (called "tunnel mode"), but the idea with IPv6 is that since you can directly 
encrypt every TCP session, eventually the need for tunnels will diminish, if not go away completely. 

Interestingly, IPsec came out of funding from the Clinton administration for securely hosting the whitehouse.gov email 
server. Trusted Information Systems software engineer Wei Xu started researching IP security methods in July 1994, and 
ultimately developed the first rendition of IPSec. He ported it to several server OSes of the time. 

 -mel beckman

On Oct 4, 2015, at 6:41 AM, Matthias Leisi <matthias () leisi net> wrote:

The built-in VPN which only supports IPv4 (that one specifically on an Asus router).

