
RE: I-D ACTION:draft-nward-v6ops-teredo-server-selection-00.txt



> My understanding is that, if we were to use anycast, bits 32-63 of
> Teredo addresses would essentially be frozen to the anycast server
> address, and peers would contact the closest server instead of that
> of the client they want to punch a hole to. That should still work.
> 
> But it adds a requirement that all Teredo *relays* have a working
> Teredo anycast route. That should still work.

The very first "shipworm" draft was actually based on anycast. With that in mind, each host received a 64-bit prefix, made of a fixed /16 for the service, the mapped address of the host, and the mapped port of the host. The draft promptly made it to WGLC, only to be sent back after review, with the main piece of feedback being "please don't use anycast". With anycast, clients don't know who their server is, which makes debugging painful and generally dilutes accountability. Also, using anycast as the IPv4 source address provides a handy way to defeat all forms of egress control, spoof addresses, etc.

-- Christian Huitema
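
The following is an added example, not part of the original message: it decodes the server field (bits 32-63) that the thread discusses and groups addresses by it, which is the identification that disappears once every address carries the same anycast server value. The field layout is assumed from RFC 4380, the sample addresses are constructed from documentation ranges, and 192.0.2.1 as an anycast server address is hypothetical.

```python
import ipaddress
import struct

TEREDO_PREFIX = ipaddress.IPv6Network("2001::/32")  # Teredo service prefix (RFC 4380)

def decode_teredo(addr):
    """Split a Teredo IPv6 address into its fields (layout assumed from RFC 4380)."""
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        raise ValueError(f"{addr} is not inside {TEREDO_PREFIX}")
    # prefix(32) | server IPv4(32) | flags(16) | port(16) | client IPv4(32)
    _prefix, server, flags, port, client = struct.unpack("!IIHHI", ip.packed)
    return {
        "server": ipaddress.IPv4Address(server),       # bits 32-63
        "flags": flags,
        "mapped_port": port ^ 0xFFFF,                  # port is stored inverted
        "mapped_addr": ipaddress.IPv4Address(client ^ 0xFFFFFFFF),  # so is the address
    }

def servers_seen(addrs):
    """Group Teredo addresses by the server encoded in bits 32-63."""
    groups = {}
    for a in addrs:
        groups.setdefault(str(decode_teredo(a)["server"]), []).append(a)
    return groups

# Constructed samples: two clients, each configured with its own unicast server.
UNICAST = [
    "2001:0:c000:201:8000:63bf:34ff:8efa",    # server 192.0.2.1
    "2001:0:c633:6401:8000:63bf:34ff:8ef6",   # server 198.51.100.1
]
# The same two clients if bits 32-63 were frozen to one (hypothetical) anycast address.
ANYCAST = [
    "2001:0:c000:201:8000:63bf:34ff:8efa",
    "2001:0:c000:201:8000:63bf:34ff:8ef6",
]

if __name__ == "__main__":
    for label, sample in (("unicast", UNICAST), ("anycast", ANYCAST)):
        print(label, servers_seen(sample))
```

With per-client servers the grouping separates the two addresses by server; with the frozen anycast value both fall under one key, so the address no longer tells an operator which server instance handled the client.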