I don't understand why a problem with a tunnel 'leaves a bad taste with IPv6'. Since when a badly configured DNS zone left people with a 'bad taste for DNS', or a badly configured switch left people with 'a bad taste for spanning tree' or 'a bad taste for vlan trunking' ?
It seems to me that what are perceived as operational mistakes and/or plain lack of knowledge for some technologies is perceived as a fault of the protocol itself in the case of IPv6. People need to get their acts together. ~Carlos On 4/16/12 11:38 PM, Brandon Penglase wrote: > I know you mentioned RedHat, but not if it was the router or other > servers. Were you playing with Microsoft's Direct Access and turn on > the dns entry (isatap.domain.com) internally? > At my current place of employment, we had a security student (at the > direction of our security analyst) turn up a DA test server. When they > enabled the DNS entry, just about every Windows 7 and 2008 server setup > a v6 tunnel back to this little tiny VM. This also included the DNS > entries in AD, so all of the sudden, servers have v6 addresses. > Needless to say, everything was horribly slow, and some things even > flat out broke. Sadly this event left a really sour taste for IPv6 with > Networking department (whom I was occasionally bugging about v6). > > If you weren't testing this, did you possibly setup something similar > where it would automatically generate a tunnel? > > Brandon Penglase > > On Mon, 16 Apr 2012 23:39:46 +0530 > Anurag Bhatia <m...@anuragbhatia.com> wrote: > >> Hello everyone >> >> >> >> Just got a awfully crazy issue. I heard from our support team about >> failure of whois during domain registration. Initially I thought of >> port 43 TCP block or something but found it was all ok. Later when >> ran whois manually on server via terminal it failed. Found problem >> that server was connecting to whois server - whois.verisign-grs.com. >> I was stunned! Server got IPv6 and not just that one - almost all. >> This was scary - partial IPv6 setup and it was breaking things. >> >> In routing tables, routes were all going to a router which I recently >> setup for testing. That router and other servers are under same >> switch but by no means I ever configured that router as default >> gateway for IPv6. I found option of "broadcast" was enabled on router >> for local fe80... address and I guess router broadcasted IPv6 and >> somehow (??) all servers found that they have a IPv6 router on LAN >> and started using it - automated DHCP IPv6? >> >> I wonder if anyone else also had similar issues? Also, if my guesses >> are correct then how can we disable Red Hat distro oriented servers >> from taking such automated configuration - simple DHCP in IPv6 >> disable? >> >> >> >> >> Thanks >> >> -- >> >> Anurag Bhatia >> anuragbhatia.com >> or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected >> network! >> >> Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia> >> Linkedin: http://linkedin.anuragbhatia.com >>