Thoughts about ipv6 white listing
Cameron Byrne
cb.list6 at gmail.com
Sun Dec 5 04:16:00 CET 2010
On Sat, Dec 4, 2010 at 3:24 PM, Brian E Carpenter
<brian.e.carpenter at gmail.com> wrote:
> Tore,
>
> If all ISPs with content providers offering IPv6 service
> provide a 2002::/16 route to a properly working relay,
> we'd eliminate many of the return path problems.
>
> I agree that if people are filtering proto 41 there is
> a problem, and that is in the hands of the operators.
>
> I agree that if transit providers don't provide a properly
> working relay on 192.88.99.1, there is a problem. That is
> in the hands of the transit ISP.
>
> Fixing these problems is in the ISPs' interests, since not
> fixing them annoys their customers and generates help desk
> calls.
>
6to4 relays are not much use in the increasing number of ISPs that use
RFC1918 address space, including the majority of mobile providers.
The 6to4 problem gets even worse when the address constrained ISPs use
BOGONs or otherwise non-unique public space in their NAT444
environments. As time goes on, and IPv4 gets more diluted and
polluted, 6to4 just gets more and more broken.
Cameron
> The point is that ISPs can fix these problems and we haven't yet
> documented how they should do so. We should do that rather than
> encouraging the lazy way out. And yes, I do plan to write an IETF
> draft.
>
> Thanks for the pointers.
>
> Regards
> Brian
>
> On 2010-12-05 08:39, Tore Anderson wrote:
>> * Brian E Carpenter
>>
>>> Except that it's encouraging the wrong solution (turn off IPv6
>>> and 6to4 at the subscriber end if they don't work).
>>>
>>> The right solution is: make them work, which is mainly the
>>> responsibility of the ISPs at the content provider end.
>>
>> Brian,
>>
>> The reason why 6to4 isn't working isn't at the content provider end.
>> If the content providers could flip a magic switch to make 6to4 work
>> reliably, we'd done it a long time ago. But when the access network is
>> filtering protocol 41, for instance, what else can we tell the affected
>> end users to do, except to turn off 6to4 or IPv6?
>>
>> Perhaps you will find these links enlightening:
>>
>> http://labs.ripe.net/Members/emileaben/6to4-how-bad-is-it-really
>> http://ripe61.ripe.net/presentations/162-ripe61.pdf
>>
>> Best regards,
>
More information about the ipv6-ops
mailing list