6-to-4

John Wright John Wright <john@dryfish.org>
Sat, 16 Dec 2000 23:05:00 +0000

Previous message: attn: pTLA's
Next message: 6-to-4
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> [...]
> 	Yes, this is VERY confusing.  however, they are different, and here we
> 	are talking about the former, not the latter.

In that case the following from kame source tree's IMPLEMENTATION file:

---8<---

draft-ietf-ngtrans-6to4-06.txt:
        Connection of IPv6 Domains via IPv4 Clouds without Explicit Tunnels
    * "stf" interface implements it.  Be sure to read the next item before
      configuring it, there are security issues.
draft-itojun-ipv6-transition-abuse-01.txt:
        Possible abuse against IPv6 transition technologies
    * KAME does not implement RFC1933/2893 automatic tunnel.
    * "stf" interface implements some address filters.  Refer to stf(4)
      for details.  Since there's no way to make 6to4 interface 100% secure,
      we do not include "stf" interface into GENERIC.v6 compilation.
    * kame/openbsd completely disables IPv4 mapped address support.
    * kame/netbsd makes IPv4 mapped address support off by default.
    * See section 1.12.6 and 1.14 for more details.

---8<---

Security issues will obviously make OpenBSD suspicious about implementing
them and hence they have disabled this stf interface.

Previous message: attn: pTLA's
Next message: 6-to-4
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]