[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Discussion of the Home/SOHO environment

To: Remi Denis-Courmont <rdenis@simphalempin.com>
Subject: Re: Discussion of the Home/SOHO environment
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Sun, 06 Jan 2008 09:42:54 +1300
Cc: james woodyatt <jhw@apple.com>, IETF V6OPS WG <v6ops@ops.ietf.org>
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=hSK/O3015dJsb+qJW6twAJ/EB5pnFpaIB4WmzDC7nm7C3QLQoiieH/pGFl3DDqEginVW01WofZm1djhe2s15nICPWhmpWq6aCm+H/viIALuv3l6cESKur+EPIeVqs/Y+L4eZebI1oNO5JqkLABk5dcLA3iDPfeKgCIy4y35Ovis=
In-reply-to: <dce8756b3c560d909e7ec2d0886130a7@chewa.net>
Organization: University of Auckland
References: <477DBB5A.8050006@gmail.com> <dce8756b3c560d909e7ec2d0886130a7@chewa.net>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

Rémi,

On 2008-01-05 03:43, Remi Denis-Courmont wrote:

On Fri, 04 Jan 2008 17:51:38 +1300, Brian E Carpenter

<brian.e.carpenter@gmail.com> wrote:

On 2008-01-04 15:45, james woodyatt wrote:

...

+ Customers with public IPv4 addresses get satisfactory 6to4 relay
service.

That's presumably a requirement on the ISP. The requirement
on the CPE is to act as a 6to4 router, i.e. implement RFC 3056.




I am very much mixed on this.

Yes, implementing a zero-configuration 6to4 relay on the CPE, if:

- it has a public IPv4 address, and

- it has native IPv6

will improve connectivity a lot... if 6to4 actually works.



I have seen several different networks where you get public IPv4
addresses, yet 6to4 does not work properly:

- because proto-41 is black-holed by the ISP, and/or

- because of stateful firewalling.

The second bullet is a minor issue for a 6to4 relay, but it is
a critical issue for a 6to4 gateway. Another argument against
zero-configuration 6to4 gateways is that you cannot check
whether the anycast relay actually works at the other end.

Unless we invent some kind of sanity checks for automatic
RFC3056, I'd rather CPEs avoid doing this by default...

In fact, 6to4 was not invented for the SOHO scenario. We were
mainly thinking of managed sites such as campuses where
the same people would be configuring the 6to4 router and
the firewall, not to mention doing explicit IPv6 routing.


With Teredo, these relaying issues mostly don't exist because
it has some kind of connectivity checks, but it comes at a
significant higher complexity from the CPE.


Yes, and Teredo was invented exactly to deal with the issues
raised by 6to4 in a SOHO environment.

   Brian

Follow-Ups:
- Re: Discussion of the Home/SOHO environment
  - From: shogunx <shogunx@sleekfreak.ath.cx>

References:
- Re: Discussion of the Home/SOHO environment
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- Re: Discussion of the Home/SOHO environment
  - From: Remi Denis-Courmont <rdenis@simphalempin.com>

Prev by Date: RE: CPEs -- security
Next by Date: Re: Discussion of the Home/SOHO environment
Previous by thread: Re: Discussion of the Home/SOHO environment
Next by thread: Re: Discussion of the Home/SOHO environment
Index(es):
- Date
- Thread