Teredo only used as last resort after IPv4 (Was: ipv6-ops
Digest, Vol 25, Issue 9)
Andrius Kazimieras Kasparavic(ius
andrius at andrius.org
Mon Apr 9 16:04:21 CEST 2007
Jeroen Massar wrote:
> For BBC folks and people who know how to get to them:
>
> Does anybody have a contact at the BBC who can disable that open
> recursive DNS server (212.58.224.21)? Some nice DDoS attacks can be done
> with it. CC'ing their abuse@ just in case. Please close it up and
> restrict it only for your OWN customers usage. Thank you.
>
Couple weeks ago I have been there in Maiden H. talking to one of their
technology managers mentioned that, but they however been convinced that
their cluster is large enough to deal with the possible problem. Maybe
they are still considering that suggestion.. otherwise, you never know
what technology and products stay behind the scene.
BBC's network is outsourced to Siemens BS since 2004.
> When you have native or tunneled IPv6 connectivity thatwill be
> preferred. See the discussion on Teredo from last week or so.
>
> If you try www.ipv6.sixxs.net, which only has a IPv6 address, then you
> should be reaching it using IPv6.
>
that works, thanks!
i have been confused by their article - don't you think that should be
stated clear(i.e "prefer(except teredo)"),
http://www.microsoft.com/technet/community/columns/cableguy/cg1005.mspx:
When both IPv4 and IPv6 are enabled, the Next Generation TCP/IP stack
prefers the use of IPv6. For example, if a Domain Name System (DNS) Name
Query Response message contains a list of both IPv6 and IPv4 addresses,
the Next Generation TCP/IP stack will attempt to communicate over IPv6
first, subject to the address selection rules that are defined in RFC
3484. For more information, see Source and Destination Address Selection
for IPv6
<http://www.microsoft.com/technet/community/columns/cableguy/cg0206.mspx>,
the February 2006 The Cable Guy article.
The preference of IPv6 over IPv4 offers IPv6-enabled applications better
network connectivity because IPv6 connections can use IPv6 transition
technologies such as Teredo, which allow peer or server applications to
operate behind network address translators (NATs) without requiring NAT
configuration or application modification.
Enabling IPv6 by default and preferring of IPv6 traffic does not impair
IPv4 connectivity. For example, on networks without IPv6 records in the
DNS infrastructure, communications using IPv6 addresses are not
attempted unless the user or application specifies the destination IPv6
address.
Oh,
Andrius
More information about the ipv6-ops
mailing list