[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPv6 tunnel over NAT
- To: v6ops@ops.ietf.org
- Subject: Re: IPv6 tunnel over NAT
- From: Rob Austein <sra+v6ops@hactrn.net>
- Date: Fri, 27 Sep 2002 16:50:10 -0400
- Delivery-date: Fri, 27 Sep 2002 13:50:29 -0700
- Envelope-to: v6ops-data@psg.com
- User-agent: Wanderlust/2.8.1 (Something) SEMI/1.14.4 (Hosorogi) FLIM/1.14.4(Kashiharajingū-mae) APEL/10.3 Emacs/20.7 (i386--freebsd) MULE/4.0(HANANOEN)
At Fri, 27 Sep 2002 13:13:14 -0700, Alain Durand wrote:
>
> IPv6 routing using 6to4 relays is asymetric, a 6to4 router may
> choose which relay it send its traffic to for native v6, but has
> absolutly no control where the packets will come back from.
Correct.
> So the decapsulating 6to4 router has no way to know if incoming
> packets are coming from a real relay or if it is spoofed trafic.
Correct. So what?
If you're suggesting that if I knew who the "real relay" was I could
trust it, I can only assume that you live in a much friendlier world
than I do. If it comes from the outside world it's dangerous until
proven otherwise. This isn't an IPv6-specific issue.