On Sep 15, 2008, at 17:44, Christian Huitema wrote: If the ISP ensures that the advertisements for 2001::/32 are not sent to third parties, then the relays can only be used by that ISP's customer. The complaint I have heard is that simply not advertising the routes to third parties is not enough to prevent them from using static routes to steal relay service. This can be mitigated by using ULA's for the IPv6 interface addresses, but the corresponding use of RFC 1918 addresses for the IPv4 interfaces is more perilous, it seems, from an O&M perspective— or so I've gathered. Perhaps, I'm mistaken, and there really are no technical objections to the deployment of relay routers, and the resistance is entirely motivated by perverse incentives that lead to the degradation of the public IPv6 internet as their tragic side-effect. I'm trying not to be demoralized by that possibility.
Isn't this impossible without filtering the return path to the unicast IPv4 addresses on their Teredo relay so that exterior sites are unable to obtain relay service to other exterior sites by the application of a static route? I gather that this filtering requirement is the only reason service providers are offering any technical objection to the deployment of 6to4 and Teredo relays. My idea is to allocate a new special-use block of IPv4 addresses so that such static routes are only possible by explicit, mutual agreement between autonomous systems. On a related note: should we move this discussion onto the <v4v6interim@ietf.org> list? -- james woodyatt <jhw@apple.com> member of technical staff, communications engineering |