[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 6to4 security questions
Pekka Savola wrote:
>
> On Thu, 21 Nov 2002, Brian E Carpenter wrote:
> > > On Thu, 21 Nov 2002, Brian E Carpenter wrote:
> > > > Actually, what is wrong with the model in bullet 2.2 of section 5.2
> > > > of RFC 3056, i.e. require a BGP4+ peer relationship between a 6to4
> > > > router and the 6to4 relay routers it deals with? (OK, I can see some
> > > > reachability issues but 6to4 is not supposed to be the universal answer.)
> > >
> > > That, in itself, helps little. Relay routers must also be connected using
> > > BGP4+ and advertising more specific routes.
> >
> > No, the model is that they will advertise 2002::/16, but only inside a limited set
> > of AS's. That is mentioned in RFC 3056 - you use BGP policy to scope
> > which relay serves which part of the native IPv6 network.
>
> A very and heavy and unreliable (the unpredictable return routing) model.
> I don't believe there are any of these deployed.
>
> > That in itself doesn't protect against spoofing however;
>
> Indeed.
>
> > for that you need
> > peering between the 6to4 router and a set of trustworthy relays.
>
> You're creating a separate, rather small 6to4 internets using this model,
> unless the relay routers will relay more specific routes between them.
>
> I can't regard that as an acceptable deployment scenario: this seems like
> creating semi-global addresses, and isolate yourself from the rest.
There are some balkanization risks in the RFC 3056 BGP-based model.
There are spoofing/DDOS risks in the host-based anycast 6to4 model
that has been implemented but never fully specified.
Take your pick.
Brian