trolls can blather on, and of course will. but for the best work to date on this subject, see dave piscitello's preso from arin, <http://www.arin.net/meetings/minutes/ARIN_XX/PDF/thursday/Firewalls_Piscitello.pdf>. Mark Prior wrote:
If you need IPv6 then don't believe the vendor propaganda, test the box and then prepare to complain to the vendor :)
there is a too lightly spoken problem under this, a lack of good test suites, environments, platforms for ipv6. this serious gap extends from routers' control and data planes, to security products, to the myriad of applications. so the vendors can say pretty much anything, and it's very hard to actually learn the reality until it fails in your network. of course, if you have not been prone to testing in ipv4, this will not be a major change for you. :) randy