Home page logo
/

nanog logo nanog mailing list archives

Re: Comcast's 6to4 Relays
From: Steven Bellovin <smb () cs columbia edu>
Date: Wed, 20 Apr 2011 16:02:21 -0400


On Apr 20, 2011, at 3:50 03PM, Owen DeLong wrote:


On Apr 20, 2011, at 11:25 AM, Doug Barton wrote:

On 04/20/2011 10:54, Brzozowski, John wrote:
Doug,

I am aware of the drafts you cited earlier, as Mikael mentions below the
existence of the same will not result in 6to4 being turned off
automatically or immediately.  This process will likely  take years.

I was going to let this go, but after so many responses in the same vein I feel compelled to clarify. *I personally* 
believe that the answer to 6to4 is to just turn it off. These things have long tails because we insist that they do, 
not because they have to. *However,* I am realistic enough to know that it isn't going to happen, regardless of how 
disappointed I may be about that. :)

Turnning off the servers will not reduce the brokenness of 6to4, it will increase it.

The best way to get rid of 6to4 is to deploy native IPv6.
The best way to improve 6to4 behavior until that time is to deploy more, not less 6to4 relays.
Hurricane Electric has proven this.
Comcast has proven this.
Every provider that has deployed more 6to4 relays has proven this.

Please note the goal here is not to make 6to4 great, like many others we
hope to see 6to4 use diminish over time.

"Hope is not a plan." Meanwhile, my main goal in posting was to make sure that to the extent that you(Comcast) 
intend to make changes to your 6to4 infrastructure that you take into account the current thinking about that, and 
I'm very pleased to hear that you have.

The best way to make 6to4 diminish has always been and still remains:

      Deploy Native IPv6 Now.

That's a plan and a necessity at this point, but, execution is still somewhat lagging.


Of course, Comcast *is* deploying native IPv6; see, for example,
http://mailman.nanog.org/pipermail/nanog/2011-January/031624.html
It just takes a while -- and a non-trivial number of zorkmids -- to
do things like replacing all of the non-v6 CPE.


                --Steve Bellovin, https://www.cs.columbia.edu/~smb







  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault