draft-ietf-mext-firewall-vendor-02.txt   draft-ietf-mext-firewall-vendor-03.txt 
Network Working Group S. Krishnan Network Working Group S. Krishnan
Internet-Draft Ericsson Internet-Draft Ericsson
Intended status: Standards Track Y. Sheffer Intended status: Standards Track Y. Sheffer
Expires: April 30, 2010 Check Point Expires: December 29, 2010 Check Point
N. Steinleitner N. Steinleitner
University of Goettingen University of Goettingen
G. Bajko G. Bajko
Nokia Nokia
October 27, 2009 June 27, 2010
Guidelines for firewall vendors regarding MIPv6 traffic Guidelines for firewall vendors regarding MIPv6 traffic
draft-ietf-mext-firewall-vendor-02 draft-ietf-mext-firewall-vendor-03
Abstract
This document presents some recommendations for firewall vendors to
help them implement their firewalls in a way that allows Mobile IPv6
and DSMIPv6 signaling and data messages to pass through. This
document describes how to implement stateful packet filtering
capability for MIPv6 and DSMIPv6.
Status of this Memo Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF). Note that other groups may also distribute
other groups may also distribute working documents as Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at This Internet-Draft will expire on December 29, 2010.
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on April 30, 2010.
Copyright Notice Copyright Notice
Copyright (c) 2009 IETF Trust and the persons identified as the Copyright (c) 2010 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents in effect on the date of Provisions Relating to IETF Documents
publication of this document (http://trustee.ietf.org/license-info). (http://trustee.ietf.org/license-info) in effect on the date of
Please review these documents carefully, as they describe your rights publication of this document. Please review these documents
and restrictions with respect to this document. carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Abstract include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
This document presents some recommendations for firewall vendors to described in the Simplified BSD License.
help them implement their firewalls in a way that allows Mobile IPv6
and DSMIPv6 signaling and data messages to pass through. This
document describes how to implement stateful packet filtering
capability for MIPv6 and DSMIPv6.
Table of Contents Table of Contents
1. Requirements notation . . . . . . . . . . . . . . . . . . . . . 3 1. Requirements notation . . . . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. MIPv6 Firewall Primitives . . . . . . . . . . . . . . . . . . . 3 3. MIPv6 Firewall Primitives . . . . . . . . . . . . . . . . . . . 3
3.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Requirements . . . . . . . . . . . . . . . . . . . . . . . 3
3.2. Detecting and parsing the Mobility Header . . . . . . . . . 3 3.2. Detecting and parsing the Mobility Header . . . . . . . . . 3
3.3. Parsing Mobility Options . . . . . . . . . . . . . . . . . 4 3.3. Parsing Mobility Options . . . . . . . . . . . . . . . . . 4
4. Allowing signaling response packets . . . . . . . . . . . . . . 4 4. Allowing signaling response packets . . . . . . . . . . . . . . 4
 End of changes. 8 change blocks. 
27 lines changed or deleted 25 lines changed or added

This html diff was produced by rfcdiff 1.38. The latest version is available from http://tools.ietf.org/tools/rfcdiff/