6to4 status (again)

Max Tulyev maxtul at netassist.ua
Tue Feb 26 11:57:02 CET 2013


It does. Other similar configurations routes 20+ Gbps easy, but IPv4.

On 26.02.13 12:36, Ivan Pepelnjak wrote:
> Maybe it's time someone rewrites that code ;) The box you have should be
> pushing Gbps. See also
>
> http://erratasec.blogspot.co.at/2013/02/custom-stack-it-goes-to-11.html
>
> I know it's not going to happen ...
> Ivan
>
> On 26.02.2013 11:29 , Max Tulyev wrote:
>> I believe you are using some kind of Linux/BSD box as 6to4 relay. So
>> just launch tcpdump/ethereal/wireshark and see it ;)
>>
>> We operate the 6to4 relay in Ukraine. There is 400mbps traffic, and it
>> seems it hits maximum available CPU usage (dual QuadXeon L5420) during
>> a peak time.
>>
>> The most of the traffic is 6to4<->Teredo. The second position is for
>> BitTorrent. But a 'good' traffic is significally increased too, as
>> there is Facebook, Google, Yandex, Vkontakte enabled IPv6 by default.
>>
>> I see the root of the problem is in algoritm chooses the IPv4/IPv6
>> preference. Mostly it uses IPv6 if it is available, whatever IPv4 path
>> enabled or not. So it used to connect two IPv4-enabled boxes CAN
>> connect through IPv4 - through IPv4<->6to4<->teredo<->IPv4 path. It is
>> not good at all, and should be explained good to all vendors.
>>
>> May be it will be a good idea to block some kind of IPv6 traffic on
>> the relay to force use IPv4 instead of chains of tunnels?
>>
>> On 25.02.13 23:48, Kevin Day wrote:
>>>
>>> I know this was brought up in November, but I didn't see much of a
>>> consensus…
>>>
>>> We run one of the public 6to4 relays. Lately traffic to it has been
>>> growing very rapidly and I'm really not sure why. Other people
>>> shutting their public relays down? More AAAA records are making more
>>> people fall back to 6to4? Idiots using it for DDoS?
>>>
>>> For most of 2012 the usage averaged about 50-100mbps, but lately
>>> we're seeing sustained levels of 500mbps-900mbps. I'd rather not
>>> deploy 10GE on our 6to4 box just to handle the traffic growth.
>>>
>>> Has anyone here looked at public 6to4 usage recently and seen similar
>>> trends?
>>>
>>> Part of me is thinking we should just rate limit the box to something
>>> more reasonable. While it's still running, it'll be slow enough that
>>> hopefully people will move to a better transitional technology. My
>>> fear is that it will cause more "v6 sucks, it's so slow" and people
>>> shut it off without looking at why.
>>>
>>>
>>>
>>
>
>



More information about the ipv6-ops mailing list