[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: More CPE

To: IPv6 Operations <v6ops@ops.ietf.org>
Subject: Re: More CPE
From: james woodyatt <jhw@apple.com>
Date: Thu, 10 Jan 2008 10:31:06 -0800
In-reply-to: <F4BA3FCC-4B5A-46A7-9F4C-90F1212613C9@muada.com>
References: <F4BA3FCC-4B5A-46A7-9F4C-90F1212613C9@muada.com>

On Jan 9, 2008, at 16:15, Iljitsch van Beijnum wrote:


(Discussion: how does a host know if it's firewalled?

That's easy. It receives an ALD Firewall Advertisement message. Amore difficult question is How Does A Node Discover That It *ISN'T*Firewalled?

In IPv4 you can see that you have an RFC1918 address. But your IPv6address is the same whether you need to bypass a firewall or not.Apparently, at least one vendor has decided to not publish AAAArecords because of this issue. Do we need to push out informationabout the firewall status to hosts?)

Heh. I've seen at least one large US financial institution *remove*its AAAA records for the more serious reason that some (more thanone) major North American ISP's are deliberately routing 6to4 trafficinto black holes and refusing to deploy relays of their own betweentheir production IPv6 and IPv4 networks.


We have more than a few bugs to work out of the system at this point.


--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering

References:
- More CPE
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: More CPE
Next by Date: Re: More CPE
Previous by thread: Re: More CPE
Next by thread: Re: More CPE
Index(es):
- Date
- Thread