Re: IPV6 issues

To: John Nemeth <jnemeth%cue.bc.ca@localhost>
Subject: Re: IPV6 issues
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Sun, 20 Apr 2014 19:35:27 -0400

On Sun, Apr 20, 2014 at 10:50:20AM -0700, John Nemeth wrote:
> On Apr 16,  8:08pm, Thor Lancelot Simon wrote:
> } On Wed, Apr 16, 2014 at 06:29:02PM -0400, Greg Troxel wrote:
> } > 
> } > So I would ask: why do you think you need to disable it?  By default,
> } > the system will have no v6 addresses configured and should not incur
> } > delays due to this.  Are you having a problem?
> } 
> } The system will have link-local addresses configured and anything that
> } listens on ANY will take packets from them.  Without a firewall 
> configuration
> } that blocks all IPv6 traffic on the Internet side, this can be very
> } dangerous, effectively exposing services that were not exposed over IPv4.
> 
>      If you're ISP doesn't support IPv6, then how are you going to
> receive any packets at a link-local address on an interface connected
> to the ISP?

The answer's obvious, isn't it?  You'll get them from other stations
connected to the multiple-access network that connects you to your ISP's
router.

For example, the network upstream of my home firewall has a /22 netmask,
and when the ISP's router fails over and everyone has to ARP for the new
gateway's MAC address, I can observe literally hundreds of other stations
on it.  All those stations can talk directly to me by IPv6 (or by IPv4,
for that matter) without the DOCSIS head-end routing anything.

Thor

References:
- Re: IPV6 issues
  - From: Thor Lancelot Simon
- Re: IPV6 issues
  - From: John Nemeth

Prev by Date: Re: Booting arguments for NetBSD under qemu
Next by Date: netbsd 5 and high speed internet
Previous by Thread: Re: IPV6 issues
Next by Thread: Re: IPV6 issues
Indexes:

Home | Main Index | Thread Index | Old Index