Oh man, that's rich. Do you actually believe that?
If you design the network for IPv6 and not just copy the
IPv4 model. If you use the technology that has been developed
over the last 20 years, rather than disabling it, yes it is
possible.
OK, how is it possible to automate the renumbering of my firewall
entries which contain IPv6 addresses and prefixes?
Ask your firewall vendor. It isn't rocket science to add
support for multiple prefixes. If you all ask they will
listen.
How is it possible to automate the renumbering of my extranet business
partner firewalls who also contain some of my IPv6 addresses and
prefixes?
Configure a secure channel to push that information to them.
I do that today for IPv4 for my home network. My ISP changes
my address and I automatically inform the people that need
to know of the address change. I also get zero advance
notice of the address change. I just wake up in the morning
and find that it has changed at 3 am. Happens about once
every 3 months.
How do I automate the renumbering of router ACLs in my own IPv6 network?
Talk to your router vendor.
I was not kidding when I suggested that router and firewall
vendors should renumber regularly. The only way to make
this sort of thing work is to exercise the path until all
the problems are gone.
These are purely theoretical questions, but I do know of many instances
where these kinds of things do need renumbering when an IP address
prefix changes.
Please don't say DEN, WBEM, etc.
--Michael Dillon
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews(_at_)isc(_dot_)org
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf