[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt

To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Subject: Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
From: Fernando Gont <fernando@gont.com.ar>
Date: Thu, 02 Sep 2010 01:38:45 -0300
Cc: Joel Jaeggli <joelja@bogus.com>, Gert Doering <gert@space.net>, IPv6 Operations <v6ops@ops.ietf.org>
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:openpgp:content-type :content-transfer-encoding; b=lxRnBE/Jijk8pTI0xVw2YmbERpQSZlx5AvKfSXcf3K+cqURxBW7LzF5p39b4KZXTEJ QEu4Y2ZMNBr7U9LYgS6EEeviWN5kOiOVfkg9JYRXvmMbdHlJ8RXeKqwTni9NtGcs96OW qJV3HouQK1odjrD+Jc9we3VrHaZrfpQ+3osXg=
In-reply-to: <4C7F1BF2.80004@gmail.com>
Openpgp: id=D076FFF1
References: <20100831081506.5827A3A6956@core3.amsl.com> <4C7D8097.2060603@gmail.com> <20100901102531.GK61734@Space.Net> <4C7F067B.104@gont.com.ar> <4C7F1674.1070209@bogus.com> <4C7F1BF2.80004@gmail.com>
User-agent: Thunderbird 2.0.0.24 (Windows/20100228)

Hi, Brian,

 > But that resolves to 192.88.99.1 which *is* the anycast address
[RFC3068],
> at least where I'm sitting.

Yes. Now I wonder... a few days ago I was snooping my own traffic, and
my 6to4 packets were *not* being directed to 192.88.99.1. :-/  -- for
instance, I was rather surprised about that.


> If you know the right magic, you can make Windows (XP, at any rate) use
> whatever outbound relay you want, but it's still host-based 6to4, and
> the RFC 3056 model is router based.

One could expect a vendor to, e.g., populate a domain like
6to4.ipv6.dlink.com that contains several A records, and have their
equipment resolve that domain, find the closest domain, and use that one
rather than the anycast domain.

FWIW, what I don't like about the 6to4 anycast addr is that 6to4 relays
respond to queries (e.g. ping) with the anycast address as the source
address, rather than the unicast one. -- Yes, this was suggested in some
RFC (6to4 security?)

Thanks,
-- 
Fernando Gont
e-mail: fernando@gont.com.ar || fgont@acm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1

Follow-Ups:
- RE: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: "Eric Vyncke (evyncke)" <evyncke@cisco.com>
- Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: Fernando Gont <fernando@gont.com.ar>

References:
- Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: Gert Doering <gert@space.net>
- Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: Fernando Gont <fernando@gont.com.ar>
- Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: Joel Jaeggli <joelja@bogus.com>
- Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>

Prev by Date: Re: [v4tov6transition] draft-arkko-ipv6-transition-guidelines WGLC
Next by Date: Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
Previous by thread: Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
Next by thread: Re: I-D Action:draft-vandevelde-v6ops-harmful-tunnels-01.txt
Index(es):
- Date
- Thread