Michel Py wrote: > > > Pekka Savola wrote: > > The point you're missing is that RFC3056 requires/recommends > > the 6to4 pseudo-interface implementations to discard packets > > received-from/would-be-sent-to 2002:FOO, where FOO is private. > > This is not a problem *unless* some node in your network is > > configured with a 6to4 pseudo-interface -- and I believe many > > of them are (e.g. Windows boxes, etc.). > > That's precisely my point: this is a feature, not a bug. A host MUST NOT > use a private address to talk to the outside of its site. Very close to > the top of the list of what needs to be done to insure this is to remove > all 6to4 pseudo-interfaces. Therefore, using 2002::<RFC1918> as a real > 6to4 site and not with individual hosts using their own IPv4 address as > the 6to4 address does actually enforce the removal of 6to4 > pseudo-interfaces because if they exist it won't work at all (if the > implementation enforces RFC3056).
That's correct as long as the RFC3056 code is only enabled in the site border router. If it's enabled in any internal routers, the packets will get black holed internally. Also if you have any hosts that support 6to4, which is not the model described in RFC3056 but is shipped in at least one o/s, strange things may happen. Brian -------------------------------------------------------------------- IETF IPng Working Group Mailing List IPng Home Page: http://playground.sun.com/ipng FTP archive: ftp://playground.sun.com/pub/ipng Direct all administrative requests to [EMAIL PROTECTED] --------------------------------------------------------------------
