[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Automatic tunnels

To: <itojun@iijlab.net>
Subject: RE: Automatic tunnels
From: "Christian Huitema" <huitema@windows.microsoft.com>
Date: Thu, 31 Jul 2003 09:03:48 -0700
Cc: <v6ops@ops.ietf.org>

> 	for native-to-6to4, there's no way to protect from abuse (since
> 	2002::/16 has to be advertised, more-specific route is not
> permitted).
> 	how do you address the problem? (pekka's draft outlines the
problem
> 	very well)

Which type of abuse are you concerned with? We can deploy native-to-6to4
relays in several modes:

 - host specific 
	(host is multi-homed to 6to4, local routing entry to 2002::/16)
 - AS specific 
	(some routers act as relay, export a route to 2002::/16 in IGP)
 - Across multiple AS
	(export a route to 2002::/16 in BGP)

The first two modes don't seem particularly prone to abuse. Host
specific relays certainly are not an issue, and the abuse to AS specific
relay fall in the general category of "abusing peering agreements",
which is by no means specific to 6to4. I agree that exporting a route
through BGP is hard to control, as the route can be re-exported by
peering ASes. But, again, this fall in the category of "peering abuses",
which can be contained by proper peering contracts.

-- Christian Huitema

Follow-Ups:
- Re: Automatic tunnels
  - From: itojun@iijlab.net

Prev by Date: Re: Automatic tunnels
Next by Date: Re: [mobile-ip] Re: FW: I-D ACTION:draft-tsirtsis-dsmip-problem-00.txt
Previous by thread: Re: Automatic tunnels
Next by thread: Re: Automatic tunnels
Index(es):
- Date
- Thread