I'm dealing with the CPE's for Telenor here in Norway. And indeed a part of
the Norwegain discussion.
Today we block incoming traffic to protect the customers. We seek to have the
same security policy as for IPv4. Meaning statefull firewall which the
customer can configure if they want to. The reason is partly internal policy
(Telenor seeks to be seen as the secure internet provider in Norway, disabling
firewalls and allowing all of the internets deviants access to the NAS with
pictures of your children seems like a bad marketing move). We also hoped that
UPnP/PCP would be activly used in IPv6, punching firewall holes as needed. But
that seems to not get any traction.
As for customer complaints, none. But that does not mean that the customers
are not suffering. It may just as well be that the application reverts to
UPnP/STUN over IPv4 or fails without the customer beeing able to diagnose why.
<ipv6-ops-bounces+erik.taraldsen=telenor....@lists.cluenet.de> på vegne av
Anfinsen, Ragnar <ragnar.anfin...@altibox.no>
Sendt: 19. september 2016 14:32
Til: IPv6 Ops list
Emne: CPE Residential IPv6 Security Poll
In light of a new discussion blossoming in Norway, we are curious about the
IPv6 security policy different ISP’s has adopted. So it would be very helpful
if you could do a quick response, either here or directly to me, on the
Which security policy are you using for you residential IPv6 enabled CPE’s?
(RFC6092, fully open, balanced or other)
Why did you adopt this policy?
Any good or not so good experience with the choice?
All answers are very much appreciated, and I will post the results here after a
week or so. Thank you very much.
Chief Architect CPE
IP Address Architect
The content of this e-mail is intended solely for the use of the individual or
entity to whom it is addressed. If you have received this communication in
error, be aware that forwarding it, copying it, or in any way disclosing its
content to any other person, is strictly prohibited. If you have received this
communication in error, please notify the author by replying to this e-mail
immediately, deleting this message and destruct all received documents.