6to4 status (again)
Ivan Pepelnjak
ipepelnjak at gmail.com
Tue Feb 26 11:36:48 CET 2013
Maybe it's time someone rewrites that code ;) The box you have should be
pushing Gbps. See also
http://erratasec.blogspot.co.at/2013/02/custom-stack-it-goes-to-11.html
I know it's not going to happen ...
Ivan
On 26.02.2013 11:29 , Max Tulyev wrote:
> I believe you are using some kind of Linux/BSD box as 6to4 relay. So
> just launch tcpdump/ethereal/wireshark and see it ;)
>
> We operate the 6to4 relay in Ukraine. There is 400mbps traffic, and it
> seems it hits maximum available CPU usage (dual QuadXeon L5420) during
> a peak time.
>
> The most of the traffic is 6to4<->Teredo. The second position is for
> BitTorrent. But a 'good' traffic is significally increased too, as
> there is Facebook, Google, Yandex, Vkontakte enabled IPv6 by default.
>
> I see the root of the problem is in algoritm chooses the IPv4/IPv6
> preference. Mostly it uses IPv6 if it is available, whatever IPv4 path
> enabled or not. So it used to connect two IPv4-enabled boxes CAN
> connect through IPv4 - through IPv4<->6to4<->teredo<->IPv4 path. It is
> not good at all, and should be explained good to all vendors.
>
> May be it will be a good idea to block some kind of IPv6 traffic on
> the relay to force use IPv4 instead of chains of tunnels?
>
> On 25.02.13 23:48, Kevin Day wrote:
>>
>> I know this was brought up in November, but I didn't see much of a
>> consensus…
>>
>> We run one of the public 6to4 relays. Lately traffic to it has been
>> growing very rapidly and I'm really not sure why. Other people
>> shutting their public relays down? More AAAA records are making more
>> people fall back to 6to4? Idiots using it for DDoS?
>>
>> For most of 2012 the usage averaged about 50-100mbps, but lately
>> we're seeing sustained levels of 500mbps-900mbps. I'd rather not
>> deploy 10GE on our 6to4 box just to handle the traffic growth.
>>
>> Has anyone here looked at public 6to4 usage recently and seen similar
>> trends?
>>
>> Part of me is thinking we should just rate limit the box to something
>> more reasonable. While it's still running, it'll be slow enough that
>> hopefully people will move to a better transitional technology. My
>> fear is that it will cause more "v6 sucks, it's so slow" and people
>> shut it off without looking at why.
>>
>>
>>
>
More information about the ipv6-ops
mailing list