[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed 6to4 work (security)



>On Thu, Oct 10, 2002 at 02:45:50PM -0700, Alain Durand wrote:
>There are also some issues aboout RFC3068, as there are very little
>public relays available today. We need to understand if this is
>just because we are still very early in IPv6 deployment or if it
>is because there is a fundamental problem in the model.

	as outlined in draft-itojun-ipv6-transition-abuse-01.txt, 6to4
	relay routers
	- are packet laundering services to malicious parties.
	  malicious parties can generate IPv6 packets anonymously by (ab)using
	  6to4 relay routers.
	- can chew up bandwidth of the 6to4 public relay router provider, and
	  there's no way for an ISP to limit accesses to the relay router
	  to their customers (it has to be public service to everyone)

	so ISPs has more risks than benefits in running 6to4 relay routers.

itojun