> From: David Hubbard <[email protected]> > Websites that require some type of authentication that is handled via > session cookies have been booting our users out randomly with "your ip > address has changed" type message. This occurs when their Mac decides > to switch between protocols because the site views it as a session > hijacking attempt when Joe User with session ID xyz switches from > 192.0.2.10 to 2001:db8::1:1:a or vice versa. > > Has anyone run into this?
It's 1997 again? This used to be a common IPv4 problem for us as users exited through a cluster of squid caches which could result in a different address per request. Those site eventually learnt after much feedback not to assume on IPv4 address continuity. brandon
