Bad 6to4 routing through AS1103 AS2914
Daniel G. Kluge
dkluge at acm.org
Sat Jul 28 14:21:54 CEST 2007
Hello there,
I'm using everybody's favorite random bit-bucket 6to4, and found some
strange routing.
The IPv6 trace goes as follows from AS8404 (Cablecom CH) to AS559
(Switch CH):
traceroute6 to oreius.switch.ch (2001:620:0:1b::b) from 2002:4d39:xxx:
1337::1, 30 hops max, 12 byte packets
1 2002:4d39:xxxx:1337::1 (2002:4d39:xxxx:1337::1) 0.858 ms 0.427
ms 0.413 ms
2 2002:c058:6301:: (2002:c058:6301::) 138.943 ms 134.219 ms
123.884 ms
3 v2-1-1-2076.xsr01.asd002a.surf.net (2001:610:f01:9012::13)
124.987 ms * 126.991 ms
4 ft-500.xsr03.asd001a.surf.net (2001:610:e08:32::34) 143.284 ms
147.892 ms 125.722 ms
5 surfnet.rt1.ams.nl.geant2.net (2001:798:22:10aa::1) 79.299 ms
86.309 ms 113.57 ms
6 so-6-2-0.rt1.fra.de.geant2.net (2001:798:cc:1401:2201::1) 79.536
ms 76.094 ms 72.934 ms
7 so-6-2-0.rt1.gen.ch.geant2.net (2001:798:cc:1201:1401::1) 72.457
ms 73.24 ms 82.032 ms
8 switch-gw.rt1.gen.ch.geant2.net (2001:798:12:10aa::2) 73.404 ms
72.459 ms 90.758 ms
9 swils2-10ge-1-3.switch.ch (2001:620:0:c006::2) 33.574 ms 45.307
ms 31.616 ms
10 swicp2-g1-0-28.switch.ch (2001:620:0:c048::1) 30.143 ms 61.292
ms 34.204 ms
11 oreius.switch.ch (2001:620:0:1b::b) 33.33 ms 29.719 ms 35.477 ms
So the problem seems to be the 6to4 relay on hop 2, which is actually
at Surfnet (AS1103), and looks fine:
traceroute to 192.88.99.1 (192.88.99.1), 64 hops max, 40 byte packets
5 213.46.160.45 (213.46.160.45) 21.763 ms 36.532 ms 19.972 ms
6 de-fra01a-rd1-10ge-0-0.aorta.net (213.46.179.5) 19.749 ms 20.109
ms 19.652 ms
7 nl-ams05a0-rd1-pos-2-0.aorta.net (213.46.160.197) 34.924 ms
36.641 ms 35.109 ms
8 nl-ams02a-ra1-10ge-3-0-0-0.aorta.net (213.46.183.101) 39.883 ms
35.190 ms 36.001 ms
9 nl-ams04a-ri1-ge-5-0.aorta.net (213.46.183.78) 36.222 ms 36.830
ms 36.035 ms
10 gbe3-5-6.xsr03.amsterdam1a.surf.net (145.145.166.45) 35.618 ms
41.396 ms 35.917 ms
11 tf-500.xsr01.amsterdam2a.surf.net (145.145.80.33) 37.783 ms
53.958 ms 37.401 ms
12 onweer.surfnet.nl (145.145.19.14) 37.471 ms * 36.670 ms
But then where does the return path go through? Thanks to sixxs'
distributed traceroute we get:
IPv6 traceroute from nlams05.sixxs.net @ SURFnet, AS1103 to
2002:4d39:xxxx:1337::1 :
Hop Node Loss% Sent Last Avg Best
Worst StDev ASN Organisation
1. 2001:610:1:80bb:192:87:102:9 0.0% 5 0.6 0.6 0.5
0.6 0.0 1103 SURFnet
2. 2001:610:f01:9168::174 0.0% 5 1.1 1.4 1.1
1.6 0.2 1103 SURFnet
v2-1-1.1661.XSR01.Amsterdam2A.surf.net.
3. 2001:610:e08:32::34 0.0% 5 1.6 1.5 1.4
1.6 0.1 1103 SURFnet
FT-500.XSR03.Asd001A.surf.net.
4. 2001:7f8:1::a500:2914:1 0.0% 5 1.4 1.4 1.4
1.5 0.1
ge-0.ams-ix.amstnl02.nl.bb.verio.net.
5. 2001:418:0:2000::105 0.0% 5 99.6 99.6 99.3
100.0 0.3 Verio, Inc.
p64-1-1-0.r20.asbnva01.us.bb.gin.ntt.net.
6. 2001:418:0:2000::1e6 0.0% 5 99.6 99.6 99.3
99.6 0.1 Verio, Inc.
xe-1-1.r01.stngva01.us.bb.gin.ntt.net.
7. 2001:418:0:5000::36 0.0% 5 101.1 101.2 101.0
101.4 0.2 Verio, Inc.
fa-0-0.gw.stngva.ameri.ca.
8. 2002:4d39:xxxx::1 0.0% 5 124.9 126.0 124.9
128.3 1.4 6to4
9. 2002:4d39:xxxx:1337::1 20.0% 5 126.7 126.9 125.4
128.8 1.4 6to4
So it seems that AS1103, even though they advertise a 6to4 relay,
don't have a reverse path, and chuck it over the fence to Verio. But
in AS2914 the 6to4 gateway seems to be located in the US, so we have
again the big-pond hopping routes that made IPv6 a PITA to use in the
beginning.
So could we get something more reasonable, routing-wise? Either
AS1103 or AS2914 should terminate 2002::/16 locally and send it to
IPv4-land, or at least send it to someone who will do so in Europe.
Geant in the first traceroute is slightly better, they route
2002::/16 through Lisbon (fccn.pt, hello Carlos) and back (LIS-LDN-
PAR-FRA-ZUR).
Cheers,
-daniel (I know I should set up a tunnel, but this is more fun)
P.S. according to GRH AS1103 seems to be missing 2002::/16, so how
that routes in the first place...
More information about the ipv6-ops
mailing list