[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Proposed 6to4 work (security)



>> 	- can chew up bandwidth of the 6to4 public relay router provider, and
>> 	  there's no way for an ISP to limit accesses to the relay router
>> 	  to their customers (it has to be public service to everyone)
>I believe you *can* quite effectively limit the access.  First by not 
>advertising 2002::/16 or 192.88.99.1 to your peers (or doing it by some 
>controlled measure, like no-export community), and if it's really 
>important, placing some ACL's.

	you are correct if you don't have downstream ISPs.

	if you are a big ISP and have downstream ISPs, by doing the above you
	will prohibit your downstream ISPs from providing 6to4 relay routers.
	i'm not sure if it is an acceptable thing to do.

itojun