nanog mailing list archives
BCP for securing IPv6 Linux end node in AWS
From: Eric Germann <ekgermann () semperen com>
Date: Sun, 14 May 2017 09:29:45 -0400
Good morning all, I’m looking for some guidance on best practices to secure IPv6 on Linux end nodes parked in AWS. Boxes will be running various services (DNS for starters) and I’m looking to secure mainly ICMP at this point. Service filtering is fairly cut and dried. I’ve reviewed some of the stuff out there, but apparently I’m catching too many of the ICMP types in the rejection as routing eventually breaks. My guess is router discovery gets broken by too tight of filters. Thanks for any guidance. EKG
Attachment:
smime.p7s
Description:
Current thread:
- BCP for securing IPv6 Linux end node in AWS Eric Germann (May 14)
- Re: BCP for securing IPv6 Linux end node in AWS Alarig Le Lay (May 14)
- Re: BCP for securing IPv6 Linux end node in AWS Bjørn Mork (May 14)
- Re: BCP for securing IPv6 Linux end node in AWS Eric Germann (May 14)
- Re: BCP for securing IPv6 Linux end node in AWS Saku Ytti (May 14)
- Re: BCP for securing IPv6 Linux end node in AWS Enno Rey (May 14)
- Re: BCP for securing IPv6 Linux end node in AWS Rich Kulawiec (May 15)
- Re: BCP for securing IPv6 Linux end node in AWS JORDI PALET MARTINEZ (May 15)
- Re: BCP for securing IPv6 Linux end node in AWS Alarig Le Lay (May 14)