Microsoft: Give Xbox One users IPv6 connectivity

Eric Vyncke (evyncke) evyncke at cisco.com
Thu Mar 13 23:44:17 CET 2014


Or is it because AVM blocks all inbound IPv6 connection and X/Box has no
choice but falling back on Teredo?

I am really unclear on the exact situation

-éric

On 13/03/14 21:46, "Gert Doering" <gert at space.net> wrote:

>Hi
>
>On Thu, Mar 13, 2014 at 07:12:54PM +0000, Eric Vyncke (evyncke) wrote:
>> What annoys me more if the fact that AVM (and they are not the only one
>>--
>> see Technicolor & others) naively believes that NAT44 offered some
>> security by preventing inbound connections... This means that there is
>>NO
>> open connectivity between two X/Box behind a closed AVM CPE... Hence
>>X/Box
>> has no choice and is smart enough to fall back in the legacy NAT44 mode
>> with a TURN (or in this case Teredo) to bypass NAT. A very nice
>> opportunity to run man-in-the-middle attack on a foreign ground.
>
>I'm not sure what NAT44 has to do with it.
>
>The point is that there is *native* IPv6 and the XBox insists on
>preferring 
>Teredo - and the AVM box blocks Teredo if it has native IPv6, because
>there
>is no real use in permitting an "tunnel IPv6 around the IPv4-only router!"
>protocol when there *is* a perfectly good IPv6-capable router around...
>
>Gert Doering
>        -- NetMaster
>-- 
>have you enabled IPv6 on something today...?
>
>SpaceNet AG                        Vorstand: Sebastian v. Bomhard
>Joseph-Dollinger-Bogen 14          Aufsichtsratsvors.: A.
>Grundner-Culemann
>D-80807 Muenchen                   HRB: 136055 (AG Muenchen)
>Tel: +49 (0)89/32356-444           USt-IdNr.: DE813185279



More information about the ipv6-ops mailing list