Or is it because AVM blocks all inbound IPv6 connection and X/Box has no choice but falling back on Teredo?
I am really unclear on the exact situation -éric On 13/03/14 21:46, "Gert Doering" <[email protected]> wrote: >Hi > >On Thu, Mar 13, 2014 at 07:12:54PM +0000, Eric Vyncke (evyncke) wrote: >> What annoys me more if the fact that AVM (and they are not the only one >>-- >> see Technicolor & others) naively believes that NAT44 offered some >> security by preventing inbound connections... This means that there is >>NO >> open connectivity between two X/Box behind a closed AVM CPE... Hence >>X/Box >> has no choice and is smart enough to fall back in the legacy NAT44 mode >> with a TURN (or in this case Teredo) to bypass NAT. A very nice >> opportunity to run man-in-the-middle attack on a foreign ground. > >I'm not sure what NAT44 has to do with it. > >The point is that there is *native* IPv6 and the XBox insists on >preferring >Teredo - and the AVM box blocks Teredo if it has native IPv6, because >there >is no real use in permitting an "tunnel IPv6 around the IPv4-only router!" >protocol when there *is* a perfectly good IPv6-capable router around... > >Gert Doering > -- NetMaster >-- >have you enabled IPv6 on something today...? > >SpaceNet AG Vorstand: Sebastian v. Bomhard >Joseph-Dollinger-Bogen 14 Aufsichtsratsvors.: A. >Grundner-Culemann >D-80807 Muenchen HRB: 136055 (AG Muenchen) >Tel: +49 (0)89/32356-444 USt-IdNr.: DE813185279
