On killing IPv6 transition mechanisms

Jeroen Massar jeroen at unfix.org
Thu Mar 11 14:24:25 CET 2010


Bernhard Schmidt wrote:
> Hi Jeroen,
> 
>> Teredo has the same issues as 6to4: anycast in both IPv4 and IPv6 thus
>> you never know the path that the packets will follow, thus it is
>> horribly hard to debug; unless you have access to every single hop in
>> the path of course.
> 
> Where exactly is there IPv4 anycast in Teredo?

Ah, meh, indeed, it is fortunately not on the IPv4 level ;)

> Teredo makes a few things a bit easier in debugging (since both
> directions go through the same relay), but makes it a lot harder as well
> (you need full end-to-end connectivity for connection setup/relay
> selection/trace, plus the dependency on (mostly third-party) Teredo
> servers, plus the statefulness on the relays).

Every tech has a side-effect...

> If there was an agreement
> to kill those services sooner than later I would be happy to be part of
> it, but at least for 6to4 this will be impossible.

The thing with 6to4 & Teredo (& Tunnel Brokers & 6rd etc etc) is that
they should be of temporary nature. It seems some ISPs want to simply
use them as their permanent plan "look folks we deploy IPv6" while they
actually just use 6to4/Teredo actually operated by another ISP.
And that is a good thing. I do also hope folks realize that one day or
another they should be turning those services off, especially in the
light of security and the abuse that can be done through them (spoofing
ole).

Greets,
 Jeroen

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: OpenPGP digital signature
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20100311/6a20a673/attachment.sig>


More information about the ipv6-ops mailing list