Operational security for #IPv6 is mostly about doing the basics well: avoid #IPv4 carryover assumptions, lock down first hop behavior, protect the control plane, and be explicit about how you handle extension headers, fragmentation, and monitoring. That was the thread running through the #IIESoc #RFCsWeLove session on #RFC9099 with Éric Vyncke: https://www.iiesoc.in/post/rfcs-we-love-operational-security-consideration-for-ipv6-networks

phuhh had a clash with an old friend and a friend of his who're both deep into #IPv4 and won't accept transitioning to #IPv6 should or would be happening soon, or is even necessary, for reasons I can't comprehend are still concerns today. I'm currently trying to read into the matter by reading up on RfCs (#rfc4864 for instance, only to be lead to #rfc9099 and #rfc4942); holy shit most of those have already been solved ~15 years ago. I'm no way through them all, just skimming over is hard enough.