Re: Automatic IPv6 due to broadcast

[Carlos Martinez-Cagnazzo <carlosm3011 () gmail com>]

I don't understand why a problem with a tunnel 'leaves a bad taste with
IPv6'. Since when a badly configured DNS zone left people with a 'bad
taste for DNS', or a badly configured switch left people with 'a bad
taste for spanning tree' or 'a bad taste for vlan trunking' ?

It seems to me that what are perceived as operational mistakes and/or
plain lack of knowledge for some technologies is perceived as a fault of
the protocol itself in the case of IPv6.

People need to get their acts together.

~Carlos

On 4/16/12 11:38 PM, Brandon Penglase wrote:
> I know you mentioned RedHat, but not if it was the router or other
> servers. Were you playing with Microsoft's Direct Access and turn on
> the dns entry (isatap.domain.com) internally?
> At my current place of employment, we had a security student (at the
> direction of our security analyst) turn up a DA test server. When they
> enabled the DNS entry, just about every Windows 7 and 2008 server setup
> a v6 tunnel back to this little tiny VM. This also included the DNS
> entries in AD, so all of the sudden, servers have v6 addresses. 
> Needless to say, everything was horribly slow, and some things even
> flat out broke. Sadly this event left a really sour taste for IPv6 with
> Networking department (whom I was occasionally bugging about v6).
>
> If you weren't testing this, did you possibly setup something similar
> where it would automatically generate a tunnel?
>
>       Brandon Penglase
>
>  On Mon, 16 Apr 2012 23:39:46 +0530
> Anurag Bhatia <me () anuragbhatia com> wrote:
>
> > Hello everyone
> >
> >
> >
> > Just got a awfully crazy issue. I heard from our support team about
> > failure of whois during domain registration. Initially I thought of
> > port 43 TCP block or something but found it was all ok. Later when
> > ran whois manually on server via terminal it failed. Found problem
> > that server was connecting to whois server - whois.verisign-grs.com.
> > I was stunned! Server got IPv6 and not just that one - almost all.
> > This was scary - partial IPv6 setup and it was breaking things.
> >
> > In routing tables, routes were all going to a router which I recently
> > setup for testing. That router and other servers are under same
> > switch but by no means I ever configured that router as default
> > gateway for IPv6. I found option of "broadcast" was enabled on router
> > for local fe80... address and I guess router broadcasted IPv6 and
> > somehow (??) all servers found that they have a IPv6 router on LAN
> > and started using it - automated DHCP IPv6?
> >
> > I wonder if anyone else also had similar issues? Also, if my guesses
> > are correct then how can we disable Red Hat distro oriented servers
> > from taking such automated configuration - simple DHCP in IPv6
> > disable?
> >
> >
> >
> >
> > Thanks
> >
> > -- 
> >
> > Anurag Bhatia
> > anuragbhatia.com
> > or simply - http://[2001:470:26:78f::5] if you are on IPv6 connected
> > network!
> >
> > Twitter: @anurag_bhatia <https://twitter.com/#!/anurag_bhatia>
> > Linkedin: http://linkedin.anuragbhatia.com