Teredo source addresses from 6to4 relay
Remi Denis-Courmont
rdenis at simphalempin.com
Fri May 11 11:44:47 CEST 2007
On Thu, 10 May 2007 20:57:54 +0100, David Malone <dwmalone at maths.tcd.ie> wrote:
> I've seen a related problem as an end-user in a network where I
> have a 6to4 router and a SixXS tunnel. The address selection rules
> on end hosts don't always match up the addresses right, so a
> connection would end up with a 6to4 source address and a production
> destination address. Our router would then forward that to the SixXS
> tunnel, which would drop it because of uRPF. Using a better address
> selection policy helped a lot (which is why it would be useful to
> be able to distribute address selection policies, instead of having
> to configure each host by hand).
What you would need there is source routing. Better yet understand why
RFC3484 is not applied properly...
> However, your problem looks different 'cos it has correctly matched
> the Toredo addresses, but then routed it over a 6to4 interface. Is
> there any other consistent pattern that might identify which
> implementation is doing this?
2001:0:4136:xxyy:34d4:282b:qwer:tyui
^^^^ | ^^^^
65.54.*.* | a bunch of unspecified/non-standard Teredo flags
= Microsoft | = most likely Windows Vista
In any case, I have not heard of any non-experimental Teredo
implementation besides Microsoft ones and mine; the latter does not
currently use non-defined flag bits.
Of course, that is only a guess. OS-fingerprinting the TCP header might
also help narrowing down the "culprit".
Regards,
--
Rémi Denis-Courmont
http://www.remlab.net/
More information about the ipv6-ops
mailing list