[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: More CPE



On Jan 9, 2008, at 16:15, Iljitsch van Beijnum wrote:

(Discussion: how does a host know if it's firewalled?

That's easy. It receives an ALD Firewall Advertisement message. A more difficult question is How Does A Node Discover That It *ISN'T* Firewalled?

In IPv4 you can see that you have an RFC1918 address. But your IPv6 address is the same whether you need to bypass a firewall or not. Apparently, at least one vendor has decided to not publish AAAA records because of this issue. Do we need to push out information about the firewall status to hosts?)


Heh. I've seen at least one large US financial institution *remove* its AAAA records for the more serious reason that some (more than one) major North American ISP's are deliberately routing 6to4 traffic into black holes and refusing to deploy relays of their own between their production IPv6 and IPv4 networks.

We have more than a few bugs to work out of the system at this point.


--
james woodyatt <jhw@apple.com>
member of technical staff, communications engineering