[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed 6to4 work (security)

To: Gert Doering <gert@space.net>
Subject: Re: Proposed 6to4 work (security)
From: itojun@iijlab.net
Date: Wed, 16 Oct 2002 12:27:04 +0900
Cc: Alain Durand <Alain.Durand@Sun.COM>,IPv6 Operations <v6ops@ops.ietf.org>,Pekka Savola <pekkas@netcore.fi>,Margaret Wasserman <mrw@windriver.com>
Delivery-date: Tue, 15 Oct 2002 20:29:46 -0700
Envelope-to: v6ops-data@psg.com

>On Thu, Oct 10, 2002 at 02:45:50PM -0700, Alain Durand wrote:
>There are also some issues aboout RFC3068, as there are very little
>public relays available today. We need to understand if this is
>just because we are still very early in IPv6 deployment or if it
>is because there is a fundamental problem in the model.

	as outlined in draft-itojun-ipv6-transition-abuse-01.txt, 6to4
	relay routers
	- are packet laundering services to malicious parties.
	  malicious parties can generate IPv6 packets anonymously by (ab)using
	  6to4 relay routers.
	- can chew up bandwidth of the 6to4 public relay router provider, and
	  there's no way for an ISP to limit accesses to the relay router
	  to their customers (it has to be public service to everyone)

	so ISPs has more risks than benefits in running 6to4 relay routers.

itojun

Prev by Date: Re: New draft on embedding the RP address in IPv6 multicast address
Next by Date: Re: Proposed 6to4 work (security)
Previous by thread: Re: Proposed 6to4 work (security)
Next by thread: Re: Proposed 6to4 work (security)
Index(es):
- Date
- Thread