(added ngtrans@)

On Mon, 10 Dec 2001, Tony Hain wrote:
> For starters your assumption that you can reach all nodes on a remote
> link is broken, because you can't know the subnet mask, therefore the
> appropriate directed broadcast. The short answer to your question though
> is that the broadcast capability was explicitly removed from IPv6, so
> you can't.

However, there are potentially issues with transition mechanisms,
especially those using some form of automatic tunneling (which is one
reason why this, automatic bridging systems etc. may get to be a
headache).

Suppose an IPv4/6 router is also a 6to4 router for a subnet, so it must
accept IPv6-in-IPv4 packets from everywhere.

Suppose someone sends in a packet with:

src=1.2.3.4
dst=<ipv4 of the router>
protocol=41
src6=fec0::1 (or 3ffe:ffff::1 or whatever)
dst6=ff05::1 (or ff02::1 or whatever)
...

With varying levels of different src6/dst6 values.

It's possible that implementations use a "same-zone" check with
non-global addresses, but this may or may not be the case.

This is especially nasty if hosts would listen to ff0e::1 (global
all-hosts) address (even though it would not be globally routable); there
would not be such restrictions on same zone.

The issues with automatic tunneling are discussed a little bit in:

http://www.ietf.org/internet-drafts/draft-savola-ngtrans-6to4-security-00.txt

(by the way, comments would be welcome ;-)

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
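
Added example, not part of the original message and not code from any 6to4 implementation: a sketch of the decapsulation sanity check the message says implementations may or may not perform, applied to the inner addresses of a protocol-41 packet. The function name, the policy of dropping every multicast inner destination, and the sample packets are assumptions made for illustration.

```python
import ipaddress

SIXTO4 = ipaddress.ip_network("2002::/16")
# Non-global unicast scopes named in the message: link-local and site-local.
NON_GLOBAL = [ipaddress.ip_network("fe80::/10"),
              ipaddress.ip_network("fec0::/10")]


def non_global(addr):
    """True for addresses that must never cross a tunnel from the outside."""
    return (addr.is_unspecified or addr.is_loopback
            or any(addr in net for net in NON_GLOBAL))


def check_decap(outer_src, inner_src, inner_dst):
    """Decide whether a protocol-41 packet may be decapsulated and forwarded.

    Hypothetical policy for illustration; returns (accept, reason).
    """
    o = ipaddress.IPv4Address(outer_src)
    s = ipaddress.IPv6Address(inner_src)
    d = ipaddress.IPv6Address(inner_dst)
    if s.is_multicast or non_global(s):
        return False, "inner source not global unicast"
    if d.is_multicast:
        # Assumed policy: nothing arriving over the automatic tunnel may
        # address a multicast group, whatever its scope (ff02, ff05, ff0e).
        return False, "inner destination is multicast"
    if non_global(d):
        return False, "inner destination not global unicast"
    # A 2002::/16 source embeds an IPv4 address; it must be the outer source.
    if s in SIXTO4 and s.sixtofour != o:
        return False, "2002::/16 source does not match outer IPv4 source"
    return True, "ok"


# Constructed samples: the first three use the addresses from the message,
# the last two use documentation IPv4 prefixes.
SAMPLES = [
    ("1.2.3.4", "fec0::1", "ff05::1"),
    ("1.2.3.4", "3ffe:ffff::1", "ff02::1"),
    ("1.2.3.4", "3ffe:ffff::1", "ff0e::1"),
    ("1.2.3.4", "2002:c000:201::1", "2002:c633:6401::10"),
    ("192.0.2.1", "2002:c000:201::1", "2002:c633:6401::10"),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, check_decap(*pkt))
```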
