IPv6 Type 0 Routing Header issues

Roger Jørgensen roger at jorgensen.no
Tue Apr 24 07:55:32 CEST 2007

On man, april 23, 2007 23:05, Jeroen Massar wrote:
> Marco d'Itri wrote:
>> It's probably safe to assume that what the original poster is seeing is
>> the effect of a linux box with multiple tunnels configured on it but a
>> single default route and no policy (source-based) routing.
>> I see this often on my SixXS tunnel broker POP, and it's an easy way to
>> weed out the users who sign up just for IRC and will attract a DoS
>> sooner or later.
> Actually, you don't need multiple tunnels for this, it is just
> misconfiguration that already does the trick. Just have a /48 or other
> prefix routed to a downstream who doesn't have that address or the block
> routed to /dev/null or another device. Then when the packet comes there
> and a default route is in place, the packet will follow the default
> route and bounce back up to where it came from.

That explanation make sense really, I'm tunneled (and proud of it;), 3 of
them are upstreams while plenty of down to myself and my computers but
also to friends that wanted to get started with IPv6. But there are always
a /dev/null for all netblock I have and no default route, just BGP.

however, I changed one filter towards one of the upstreams yesterday,
earlier I accepted some other prefixes from him to, including Pekka's (I
belive that would be funet?) so that could have been why he saw it?


Roger Jorgensen              | - ROJO9-RIPE  - RJ85P-NORID
roger at jorgensen.no           | - IPv6 is The Key!

More information about the ipv6-ops mailing list