On Wed, 26 Mar 2003, Michel Py wrote:
> >> Michael Thomas wrote:
> >> There is some appeal to 6to4 and 1918... it keeps
> >> the problem within the cesspool of current usage
> >> and doesn't try to rationalize it any further. 
> >> A maze of twisty addresses, all alike...
> 
> > Tim Chown wrote:
> > But as Pekka says, won't 6to4 interfaces fail to
> > deliver to 2002:<RFC1918> if the network is IPv6 only,
> > or doesn't use IPv4 private IPs?
> 
> I don't see why. 6to4 addresses are supposed to be completely routable
> within a site until they reach the 6to4 gateway typically placed at the
> edge. With that one IPv4 address which is the gateway, you get a /48
> 6to4 prefix which does indeed include 16 bits for local subnet
> topology. Looking at my own network, if I wanted to use 6to4 as the
> internal private scheme, I just have to delete the following on the edge
> router:
> 
> | interface Tunnel6
> |   description for ipv6 6to4 tunnels
> |   ipv6 address 2002:D1E9:7E41::1/64
> |   ipv6 traffic-filter IPV6-ACL-OUTSIDE-IN in
> |   tunnel source Ethernet0/0
> |   tunnel mode ipv6ip 6to4
> |   tunnel path-mtu-discovery
> 
> and also delete
> 
> | ipv6 route 2002::/16 Tunnel6
> 
> And the 2002: internal routing still works with whatever IGP I choose (I
> have not tried with IS-IS). Voilà. On the host side, make sure that they
> pick the RA announcing the 6to4 prefix.

The point you're missing is that RFC3056 requires/recommends the 6to4
pseudo-interface implementations to discard packets
received-from/would-be-sent-to 2002:FOO, where FOO is private.

This is not a problem *unless* some node in your network is configured 
with a 6to4 pseudo-interface -- and I believe many of them are (e.g. 
Windows boxes, etc.).

A different kind of trouble would occur if you didn't use private addresses 
and didn't have an edge router corresponding to FOO enabling the 6to4 
pseudo-interface.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page:                      http://playground.sun.com/ipng
FTP archive:                      ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
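
The discard rule referred to in the reply above, as an added sketch that is not part of the original message or of any 6to4 implementation: it extracts the IPv4 address embedded in a 2002::/16 address and rejects a packet whose source or destination embeds a private one. It goes slightly beyond the message by also rejecting loopback, multicast and broadcast, which RFC 3056's security considerations name alongside RFC 1918; the function names and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

SIX_TO_FOUR = ipaddress.IPv6Network("2002::/16")
RFC1918 = [ipaddress.IPv4Network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def embedded_v4(addr):
    """Return the IPv4 address in bits 16..47 of a 6to4 address, else None."""
    a = ipaddress.IPv6Address(addr)
    if a not in SIX_TO_FOUR:
        return None
    return ipaddress.IPv4Address((int(a) >> 80) & 0xFFFFFFFF)


def reject_reason(v4):
    """Name the class that makes an embedded IPv4 address unacceptable."""
    if any(v4 in net for net in RFC1918):
        return "private (RFC 1918)"
    if v4.is_loopback:
        return "loopback"
    if v4.is_multicast:
        return "multicast"
    if int(v4) == 0xFFFFFFFF:
        return "broadcast"
    return None


def check_packet(src, dst):
    """Return (accept, reason) for one packet at a 6to4 pseudo-interface."""
    for role, addr in (("source", src), ("destination", dst)):
        v4 = embedded_v4(addr)
        if v4 is None:
            continue  # not a 6to4 address, outside this check
        reason = reject_reason(v4)
        if reason:
            return False, f"{role} {addr} embeds {v4}: {reason}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample packets; 2002:D1E9:7E41::1 is the address quoted above.
    samples = [
        ("2002:c0a8:0101:1::10", "2002:D1E9:7E41::1"),  # 192.168.1.1 inside
        ("2002:D1E9:7E41::1", "2001:db8::1"),           # public 6to4 to native
        ("2002:D1E9:7E41::1", "2002:0a00:0001::1"),     # 10.0.0.1 inside
    ]
    for src, dst in samples:
        print(src, "->", dst, check_packet(src, dst))
```

A host running such a pseudo-interface drops traffic to or from 2002:<RFC1918> addresses even when the IGP routes the prefix internally, which is the interoperability problem the reply describes.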
