[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: 6to4 deployement issues - was 6to4 security questions
Alain,
--- Alain Durand <Alain.Durand@Sun.COM> wrote:
> How does this help a 6to4 router to check if the packet is coming from
> a legitimate 6to4 relay?
>
> - Alain.
Tim Gleeson and I were just talking about the 6to4 open relay issue.
If router A sends traffic out thru relay B but gets return traffic
back thru relay C we have the open relay situation. Since everything
is just IPv6 over IPv4 as a link layer, can we possibly leverage
neighbor discovery to set up some sort of security association
along the forward and reverse paths?
I've been working on a scheme that can provide path mtu discovery based
on a "three way handshake" using neighbor discovery, and I've wondered
if/how a security association could be added to the negotiation.
Any thoughts on this?
Fred Templin
osprey67@yahoo.com
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus – Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com