Session Checks and IPv6 Privacy Extensions

Cameron Byrne cb.list6 at gmail.com
Wed Aug 10 17:04:35 CEST 2011


On Aug 10, 2011 12:15 AM, "Tore Anderson" <tore.anderson at redpill-linpro.com>
wrote:
>
> * Gert Doering
>
> > On Tue, Aug 09, 2011 at 09:49:46AM -0400, Paul Timmins wrote:
> >> On 08/09/2011 03:57 AM, Jens Weibler wrote:
> >>> with the release of Lion it appears that the usage of temporary
> >>> adresses has been enabled..
> >>> Anyone else got problems with sessions checks in Typo3 or OTRS?
> >>
> >> It took me a while to figure out why OTRS was logging me out all the
> >> time,
> >
> > "all the time" is a bit suspicious, tho.  Normally, privacy addresses
> > should only be changed every few hours (haven't checked on lion), so
> > this should not happen too often.
> >
> > Maybe OTRS chokes on IPv6 addresses?
>
> My guess is that the Lion host in question is not alternating between
> different IPv6 [privacy|temporary] source addresses, but between IPv4
> and IPv6 (due to HE).
>

If that is the case , we can expect to see a lot of brokeness since many
types of communication fails when the source address is not persistent. I
have had to troubleshoot many types of ipsec, pptp, and ssl vpns as well as
ssl websites like msft outlook webmail... they all have trouble when the
source is not persistent.

But... I thought I read that apple's solution was adaptive and persistent...
I may be wrong but this would be good to know for sure now, as it may make
troubleshoot much quicker later on.

Cb
> --
> Tore Anderson
> Redpill Linpro AS - http://www.redpill-linpro.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.cluenet.de/pipermail/ipv6-ops/attachments/20110810/f34ff757/attachment.htm>


More information about the ipv6-ops mailing list