6to4 status (again)

Martin Millnert martin at millnert.se
Tue Feb 26 13:29:54 CET 2013 

On Tue, 2013-02-26 at 12:32 +0200, Max Tulyev wrote:
> Exactly!
> 
> Not to bypass NAT (you can't use 6to4 behind NAT) or DPI (6to4 is not 
> encrypted). Just because of braindead design ot some software.

This is true for 6to4 but not Teredo:
- <statistics> 9 out of 10 DPI boxes will not find Teredo. </statistics>
- Teredo works behind NAT.

Thus, Teredo meets rest-of-IPv6, and there are quite some Windowses out
there with 6to4 enabled. p2p trackers / swarms with just IPs to connect
to forces stacks to use what they can and in many cases that's 6to4.
(we've been over this)

> On 26.02.13 06:50, Eric Vyncke (evyncke) wrote:
> > So, it looks like BitTorrent traffic from non native ipv6 to non native ipv6... Just to bypass NAT and DPI...
> >
> > Sigh...
> >
> >
> >
> >
> > Le 25 févr. 2013 à 19:39, "Shin SHIRAHATA" <shin at tokyo6to4.net> a écrit :
> >
> >> Hello Kevin,
> >>
> >>> We run one of the public 6to4 relays. Lately traffic to it has been growing very rapidly and I'm really not sure why. Other people shutting their public relays down? More AAAA records are making more people fall back to 6to4? Idiots using it for DDoS?
> >>
> >> We, Tokyo6to4 had shutdown our 6to4/Teredo public relay router in AS38646
> >> and AS55374 in last September. Because commercial IPv6 services are became
> >> available in Japan since 2011.
> >>
> >> The total amount of traffic level was around 100Mbps.
> >>
> >>> For most of 2012 the usage averaged about 50-100mbps, but lately we're seeing sustained levels of 500mbps-900mbps. I'd rather not deploy 10GE on our 6to4 box just to handle the traffic growth.
> >>>
> >>> Has anyone here looked at public 6to4 usage recently and seen similar trends?
> >>>
> >>> Part of me is thinking we should just rate limit the box to something more reasonable. While it's still running, it'll be slow enough that hopefully people will move to a better transitional technology. My fear is that it will cause more "v6 sucks, it's so slow" and people shut it off without looking at why.
> >>
> >> in our observation, 50-80% of traffic in 6to4 relay is {coming from,
> >> going to} Teredo.
> >>
> >> I think there is a reason to implement rate limit to these traffic  (6to4-
> >> Teredo)  before limiting whole traffic. Logically, it should be reachable
> >> without 6to4 relay since the nature of the traffic is IPv4-IPv4 traffic.
> >>
> >> ---
> >> No caffeine, No work.
> >> Shin SHIRAHATA <shin at shirahata.name> / <true at sfc.wide.ad.jp>
> >> http://www.sfc.wide.ad.jp/~true/
> >>
> >
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
Url : http://lists.cluenet.de/pipermail/ipv6-ops/attachments/20130226/cd9c284c/attachment.bin

More information about the ipv6-ops mailing list