From sam@dhs.org Mon Sep 2 12:30:10 2002 From: sam@dhs.org (Sam Bingner) Date: Mon, 2 Sep 2002 01:30:10 -1000 Subject: [6bone] ip6 conversion script Message-ID: <000201c25274$19b08d00$46744140@bingner.com> This is a multi-part message in MIME format. ------=_NextPart_000_0003_01C25220.48047D00 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I attached a little conversion tool written in perl to take as an argument a regular ip6 address like 3ffe:2900:b::1 and output the ip6.int address and full ipv6 address. Don't know if you guys will find a use for it, but trying to figure out what to put in DNS files gave me a headache ;) if anybody wants to post it on a website somewhere, feel free... just let me know :) Sam Syntax: [thanotos@recluce src]# ip6info 3ffe:2900:b001:1::1/64 Full ip6 address: 3ffe:2900:b001:0001:0000:0000:0000:0001 ip6.rev address: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.0.b.0.0.9.2.e.f.f.3.ip6.int. ip6.rev prefix (domain): 1.0.0.0.1.0.0.b.0.0.9.2.e.f.f.3.ip6.int ip6.rev suffix (host): 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0 or [thanotos@recluce src]# ip6info 3ffe:2900:b001:1::1 Full ip6 address: 3ffe:2900:b001:0001:0000:0000:0000:0001 ip6.rev address: 1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.1.0.0.0.1.0.0.b.0.0.9.2.e.f.f.3.ip6.int. ------=_NextPart_000_0003_01C25220.48047D00 Content-Type: application/octet-stream; name="ip6info" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="ip6info" #!/usr/bin/perl=0A= #=0A= # IPv6 address conversion tool=0A= # by Sam Bingner =0A= # Copywrite (c) 2002, Sam Bingner=0A= =0A= use strict;=0A= =0A= my (@addr6, @ip6, $prefix);=0A= =0A= my @addr =3D split(/:/, $ARGV[0]);=0A= =0A= unless (length $addr[0]) {=0A= shift @addr;=0A= }=0A= =0A= if ($addr[$#addr] =3D~ s/\/(\d{0,3})$//) {=0A= $prefix =3D $1;=0A= }=0A= =0A= foreach my $section (@addr) {=0A= if (length $section > 0) {=0A= push @addr6, sprintf("%04x", hex($section));=0A= my @array =3D split(//, $addr6[$#addr6]);=0A= for (1..4) {=0A= unshift @ip6, shift @array;=0A= }=0A= } else {=0A= for (1..8 - $#addr) {=0A= push @addr6, '0000';=0A= unshift @ip6, (0,0,0,0);=0A= }=0A= }=0A= };=0A= =0A= unless (scalar(@addr6) =3D=3D 8) {=0A= for ($#addr6..8) {=0A= push @addr6, '0000';=0A= }=0A= }=0A= =0A= print "Full ip6 address: " . join(':', @addr6) . "\n";=0A= print "ip6.rev address: " . join('.', @ip6) . ".ip6.int.\n";=0A= if (defined $prefix) {=0A= print "ip6.rev prefix (domain): " . join('.', @ip6[(128 - $prefix) / = 4..$#ip6]) . ".ip6.int\n";=0A= print "ip6.rev suffix (host): " . join('.', @ip6[0..(128 - = $prefix) / 4 - 1]) . "\n";=0A= }=0A= ------=_NextPart_000_0003_01C25220.48047D00-- From pasky@pasky.ji.cz Mon Sep 2 14:28:00 2002 From: pasky@pasky.ji.cz (Petr Baudis) Date: Mon, 2 Sep 2002 15:28:00 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: <000201c25274$19b08d00$46744140@bingner.com> References: <000201c25274$19b08d00$46744140@bingner.com> Message-ID: <20020902132800.GA24056@pasky.ji.cz> Dear diary, on Mon, Sep 02, 2002 at 01:30:10PM CEST, I got a letter, where Sam Bingner told me, that... > I attached a little conversion tool written in perl to take as an argument a > regular ip6 address like 3ffe:2900:b::1 and output the ip6.int address and > full ipv6 address. > > Don't know if you guys will find a use for it, but trying to figure out what > to put in DNS files gave me a headache ;) Only FYI, there already exists similiar tool by Keith Owens named ip6_int, available ie. at http://www.bieringer.de/linux/IPv6/tools/ip6_int, which does basically the same, but has less sophisticated output; on the other hand, it can be conviently used as host -a `ip6_int 3ffe:1234::1`, which is big advantage. Maybe you could extend your tool to take some special parameter defining output type, and assume the "short" output type when called as ip6_int? Then this tool would probably definitively become fully backwards-compatible superior for ip6_int and maybe NetBSD and other people would even include it instead of the original ip6_int. -- Petr "Pasky" Baudis * ELinks maintainer * IPv6 guy (XS26 co-coordinator) * IRCnet operator * FreeCiv AI occassional hacker . Girls are like internet domain names, the ones I like are already taken. Well, you can still get one from a strange country :-P . Public PGP key && geekcode && homepage: http://pasky.ji.cz/~pasky/ From nicolas.deffayet@ndsoftware.net Mon Sep 2 15:02:03 2002 From: nicolas.deffayet@ndsoftware.net (Nicolas DEFFAYET) Date: 02 Sep 2002 16:02:03 +0200 Subject: [6bone] ip6 conversion script In-Reply-To: <000201c25274$19b08d00$46744140@bingner.com> References: <000201c25274$19b08d00$46744140@bingner.com> Message-ID: <1030975323.20676.265.camel@wks1.fr.corp.ndsoftware.com> On Mon, 2002-09-02 at 13:30, Sam Bingner wrote: > I attached a little conversion tool written in perl to take as an argument a > regular ip6 address like 3ffe:2900:b::1 and output the ip6.int address and > full ipv6 address. ipv6calc of Peter Bieringer (http://bieringer.mirrors.ndsoftwarenet.com/ipv6calc/) do that and have more options. Best Regards, Nicolas DEFFAYET From tony@lava.net Mon Sep 2 20:56:50 2002 From: tony@lava.net (Antonio Querubin) Date: Mon, 2 Sep 2002 09:56:50 -1000 (HST) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020902132800.GA24056@pasky.ji.cz> Message-ID: On Mon, 2 Sep 2002, Petr Baudis wrote: > Only FYI, there already exists similiar tool by Keith Owens named ip6_int, > available ie. at http://www.bieringer.de/linux/IPv6/tools/ip6_int, which does > basically the same, but has less sophisticated output; on the other hand, it > can be conviently used as host -a `ip6_int 3ffe:1234::1`, which is big > advantage. The ability to do this is already built-in to more recent OS host commands (eg FreeBSD). Also, there are PERL modules that already handle IPv6 transparently such as Net::IP. Some of these are lagging though as they're still outputting ip6.int instead of ip6.arpa but that should change over time. From pasky@pasky.ji.cz Mon Sep 2 20:59:09 2002 From: pasky@pasky.ji.cz (Petr Baudis) Date: Mon, 2 Sep 2002 21:59:09 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: References: <20020902132800.GA24056@pasky.ji.cz> Message-ID: <20020902195909.GN24056@pasky.ji.cz> Dear diary, on Mon, Sep 02, 2002 at 09:56:50PM CEST, I got a letter, where Antonio Querubin told me, that... > On Mon, 2 Sep 2002, Petr Baudis wrote: > > > Only FYI, there already exists similiar tool by Keith Owens named ip6_int, > > available ie. at http://www.bieringer.de/linux/IPv6/tools/ip6_int, which does > > basically the same, but has less sophisticated output; on the other hand, it > > can be conviently used as host -a `ip6_int 3ffe:1234::1`, which is big > > advantage. > > The ability to do this is already built-in to more recent OS host commands > (eg FreeBSD). Yes, but ie. BIND8 has still many users. > Also, there are PERL modules that already handle IPv6 transparently such as > Net::IP. That's good for them.. but basically, this still works and people are used to it ;-). > Some of these are lagging though as they're still outputting ip6.int instead > of ip6.arpa but that should change over time. That I consider a Good Thing (tm), from my egoistic 6bone-user point of view ;-). -- Petr "Pasky" Baudis * ELinks maintainer * IPv6 guy (XS26 co-coordinator) * IRCnet operator * FreeCiv AI occassional hacker . Girls are like internet domain names, the ones I like are already taken. Well, you can still get one from a strange country :-P . Public PGP key && geekcode && homepage: http://pasky.ji.cz/~pasky/ From daniel@unix.za.net Mon Sep 2 23:46:44 2002 From: daniel@unix.za.net (Daniel Schroder) Date: Tue, 3 Sep 2002 00:46:44 +0200 (SAST) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020902195909.GN24056@pasky.ji.cz> Message-ID: <20020903004513.L63780-100000@unix.za.net> Sorry .. I'm loosing the plot again .. is the road on ipv6.int or ipv6.arpa ? --Daniel Schroder (Private email daniel@unix.os.org.za) Unix users .. South Africa To : Antonio Querubin From : Petr Baudis date : Sep 2 Address : pasky@pasky.ji.cz (A good friend will bail you out of jail,But your best friend will be sitting next to you saying: 'That was f*cking awesome!) On Mon, 2 Sep 2002, Petr Baudis wrote: > Dear diary, on Mon, Sep 02, 2002 at 09:56:50PM CEST, I got a letter, > where Antonio Querubin told me, that... > > On Mon, 2 Sep 2002, Petr Baudis wrote: > > > > > Only FYI, there already exists similiar tool by Keith Owens named ip6_int, > > > available ie. at http://www.bieringer.de/linux/IPv6/tools/ip6_int, which does > > > basically the same, but has less sophisticated output; on the other hand, it > > > can be conviently used as host -a `ip6_int 3ffe:1234::1`, which is big > > > advantage. > > > > The ability to do this is already built-in to more recent OS host commands > > (eg FreeBSD). > > Yes, but ie. BIND8 has still many users. > > > Also, there are PERL modules that already handle IPv6 transparently such as > > Net::IP. > > That's good for them.. but basically, this still works and people are used to > it ;-). > > > Some of these are lagging though as they're still outputting ip6.int instead > > of ip6.arpa but that should change over time. > > That I consider a Good Thing (tm), from my egoistic 6bone-user point of view > ;-). > > -- > > Petr "Pasky" Baudis > > * ELinks maintainer * IPv6 guy (XS26 co-coordinator) > * IRCnet operator * FreeCiv AI occassional hacker > . > Girls are like internet domain names, the ones I like are already taken. > Well, you can still get one from a strange country :-P > . > Public PGP key && geekcode && homepage: http://pasky.ji.cz/~pasky/ > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone > From bmanning@ISI.EDU Tue Sep 3 01:03:41 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Mon, 2 Sep 2002 17:03:41 -0700 (PDT) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020903004513.L63780-100000@unix.za.net> from Daniel Schroder at "Sep 3, 2 00:46:44 am" Message-ID: <200209030003.g8303fv00683@boreas.isi.edu> ip6.int - the original anchor for v6 space. All delegations can be found here. ip6.arpa - the more recent anchor for v6 space. Some delegations can be found here. Some v6 delegations will never be found here. % % Sorry .. I'm loosing the plot again .. is the road on ipv6.int or % ipv6.arpa ? % % % --Daniel Schroder (Private email daniel@unix.os.org.za) % Unix users .. South Africa % % To : Antonio Querubin % From : Petr Baudis % date : Sep 2 % Address : pasky@pasky.ji.cz % % (A good friend will bail you out of jail,But your % best friend will be sitting next to you % saying: 'That was f*cking awesome!) % % On Mon, 2 Sep 2002, Petr Baudis wrote: % % > Dear diary, on Mon, Sep 02, 2002 at 09:56:50PM CEST, I got a letter, % > where Antonio Querubin told me, that... % > > On Mon, 2 Sep 2002, Petr Baudis wrote: % > > % > > > Only FYI, there already exists similiar tool by Keith Owens named ip6_int, % > > > available ie. at http://www.bieringer.de/linux/IPv6/tools/ip6_int, which does % > > > basically the same, but has less sophisticated output; on the other hand, it % > > > can be conviently used as host -a `ip6_int 3ffe:1234::1`, which is big % > > > advantage. % > > % > > The ability to do this is already built-in to more recent OS host commands % > > (eg FreeBSD). % > % > Yes, but ie. BIND8 has still many users. % > % > > Also, there are PERL modules that already handle IPv6 transparently such as % > > Net::IP. % > % > That's good for them.. but basically, this still works and people are used to % > it ;-). % > % > > Some of these are lagging though as they're still outputting ip6.int instead % > > of ip6.arpa but that should change over time. % > % > That I consider a Good Thing (tm), from my egoistic 6bone-user point of view % > ;-). % > % > -- % > % > Petr "Pasky" Baudis % > % > * ELinks maintainer * IPv6 guy (XS26 co-coordinator) % > * IRCnet operator * FreeCiv AI occassional hacker % > . % > Girls are like internet domain names, the ones I like are already taken. % > Well, you can still get one from a strange country :-P % > . % > Public PGP key && geekcode && homepage: http://pasky.ji.cz/~pasky/ % > _______________________________________________ % > 6bone mailing list % > 6bone@mailman.isi.edu % > http://mailman.isi.edu/mailman/listinfo/6bone % > % % _______________________________________________ % 6bone mailing list % 6bone@mailman.isi.edu % http://mailman.isi.edu/mailman/listinfo/6bone % -- --bill From aangel@myrealbox.com Tue Sep 3 06:50:28 2002 From: aangel@myrealbox.com (Aaron J. Angel) Date: Tue, 03 Sep 2002 00:50:28 -0500 Subject: [6bone] Re: ip6 conversion script References: <200209030003.g8303fv00683@boreas.isi.edu> Message-ID: <3D744DA4.1000302@myrealbox.com> Bill Manning wrote: > ip6.int - the original anchor for v6 space. All delegations > can be found here. Add: deprecated in favor of ip6.arpa. > ip6.arpa - the more recent anchor for v6 space. Some delegations > can be found here. Some v6 delegations will never be > found here. What makes you think some delegations will never be found here? From gert@space.net Tue Sep 3 08:40:24 2002 From: gert@space.net (Gert Doering) Date: Tue, 3 Sep 2002 09:40:24 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: <200209030003.g8303fv00683@boreas.isi.edu>; from bmanning@ISI.EDU on Mon, Sep 02, 2002 at 05:03:41PM -0700 References: <20020903004513.L63780-100000@unix.za.net> <200209030003.g8303fv00683@boreas.isi.edu> Message-ID: <20020903094024.Z27015@Space.Net> hi, On Mon, Sep 02, 2002 at 05:03:41PM -0700, Bill Manning wrote: > ip6.arpa - the more recent anchor for v6 space. Some delegations > can be found here. Some v6 delegations will never be > found here. Why? I know that *today*, 3ffe isn't delegated under ip6.arpa, but besides political bickering, I see no reason why this can't be fixed in the future. Having two reverse domains, one of them "official" and the other one "complete" sucks big time. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From randy@psg.com Tue Sep 3 15:41:38 2002 From: randy@psg.com (Randy Bush) Date: Tue, 03 Sep 2002 07:41:38 -0700 Subject: [6bone] Re: ip6 conversion script References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> Message-ID: >> ip6.arpa - the more recent anchor for v6 space. Some delegations >> can be found here. Some v6 delegations will never be >> found here. > What makes you think some delegations will never be found here? when ip6.int is removed in less than two years, they won't be found at all. in american we have an expression "to cut one's nose off to spite one's face." randy From fink@es.net Tue Sep 3 16:14:30 2002 From: fink@es.net (Bob Fink) Date: Tue, 03 Sep 2002 08:14:30 -0700 Subject: [6bone] 6bone pTLA 3FFE:4011::/32 allocated to EURO6IX Message-ID: <5.1.0.14.0.20020903080717.02933290@imap2.es.net> EURO6IX has been allocated pTLA 3FFE:4011::/32 having finished its 2-week review period. This pTLA is allocated specifically for the first attempt to try the new type of exchange-based aggregation talked about in RFC2374, "An IPv6 Aggregatable Global Unicast Address Format". I would appreciate seeing a report in one year detailing the lessons learned about exchange-based aggregation so that the IPv6 operational community can benefit. Note that it will take a short while for a EURO6IX IPv6-site and pTLA inet6num entry to appear in the 6bone registry as they have yet to be created. However, the pTLA registration is listed on: [To create a reverse DNS registration for pTLAs, please send the prefix allocated above, and a list of at least two authoritative nameservers, to hostmaster@ep.net.] Thanks, Bob From gert@space.net Tue Sep 3 17:35:14 2002 From: gert@space.net (Gert Doering) Date: Tue, 3 Sep 2002 18:35:14 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: ; from randy@psg.com on Tue, Sep 03, 2002 at 07:41:38AM -0700 References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> Message-ID: <20020903183514.O27015@Space.Net> hi, On Tue, Sep 03, 2002 at 07:41:38AM -0700, Randy Bush wrote: > >> ip6.arpa - the more recent anchor for v6 space. Some delegations > >> can be found here. Some v6 delegations will never be > >> found here. > > What makes you think some delegations will never be found here? > > when ip6.int is removed in less than two years, they won't be found > at all. in american we have an expression "to cut one's nose off > to spite one's face." this still doesn't answer the question *why* those delegations are not visible under ip6.arpa. These political child games are *hurting* IPv6 deployment. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From randy@psg.com Tue Sep 3 20:11:18 2002 From: randy@psg.com (Randy Bush) Date: Tue, 03 Sep 2002 12:11:18 -0700 Subject: [6bone] Re: ip6 conversion script References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> Message-ID: > this still doesn't answer the question *why* those delegations are not > visible under ip6.arpa. ask your local RIR randy From gert@space.net Tue Sep 3 20:19:55 2002 From: gert@space.net (Gert Doering) Date: Tue, 3 Sep 2002 21:19:55 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: ; from randy@psg.com on Tue, Sep 03, 2002 at 12:11:18PM -0700 References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> Message-ID: <20020903211955.R27015@Space.Net> Hi, On Tue, Sep 03, 2002 at 12:11:18PM -0700, Randy Bush wrote: > > this still doesn't answer the question *why* those delegations are not > > visible under ip6.arpa. > ask your local RIR What's wrong with delegating e.f.f.3.ip6.arpa to the same set of servers that hold e.f.f.3.ip6.int? No need to involve RIRs here unless the RIRs actually manage the space - which is currently under discussion, but not yet established. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From randy@psg.com Tue Sep 3 20:37:01 2002 From: randy@psg.com (Randy Bush) Date: Tue, 03 Sep 2002 12:37:01 -0700 Subject: [6bone] Re: ip6 conversion script References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> <20020903211955.R27015@Space.Net> Message-ID: >>> this still doesn't answer the question *why* those delegations are not >>> visible under ip6.arpa. >> ask your local RIR > What's wrong with delegating e.f.f.3.ip6.arpa to the same set of servers > that hold e.f.f.3.ip6.int? nothing that comes to mind right off > No need to involve RIRs here who do you think has to delagate? randy From mhw@wittsend.com Tue Sep 3 20:34:44 2002 From: mhw@wittsend.com (Michael H. Warfield) Date: Tue, 3 Sep 2002 15:34:44 -0400 Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020903211955.R27015@Space.Net> References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> <20020903211955.R27015@Space.Net> Message-ID: <20020903193444.GA704@alcove.wittsend.com> On Tue, Sep 03, 2002 at 09:19:55PM +0200, Gert Doering wrote: > Hi, > On Tue, Sep 03, 2002 at 12:11:18PM -0700, Randy Bush wrote: > > > this still doesn't answer the question *why* those delegations are not > > > visible under ip6.arpa. > > ask your local RIR > What's wrong with delegating e.f.f.3.ip6.arpa to the same set of servers > that hold e.f.f.3.ip6.int? No need to involve RIRs here unless the > RIRs actually manage the space - which is currently under discussion, > but not yet established. Ok... So ask IANA. They hold ip6.arpa. Somebody has to enter that delegation into the root servers somewhere. I think they be who. > Gert Doering > -- NetMaster > -- > Total number of prefixes smaller than registry allocations: 46812 (46611) > > SpaceNet AG Mail: netmaster@Space.Net > Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 > 80807 Muenchen Fax : +49-89-32356-299 Mike -- Michael H. Warfield | (770) 985-6132 | mhw@WittsEnd.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0xDF1DD471 | possible worlds. A pessimist is sure of it! From gert@space.net Wed Sep 4 09:22:03 2002 From: gert@space.net (Gert Doering) Date: Wed, 4 Sep 2002 10:22:03 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: ; from randy@psg.com on Tue, Sep 03, 2002 at 12:37:01PM -0700 References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> <20020903211955.R27015@Space.Net> Message-ID: <20020904102203.T27015@Space.Net> Hi, On Tue, Sep 03, 2002 at 12:37:01PM -0700, Randy Bush wrote: > >>> this still doesn't answer the question *why* those delegations are not > >>> visible under ip6.arpa. > >> ask your local RIR > > What's wrong with delegating e.f.f.3.ip6.arpa to the same set of servers > > that hold e.f.f.3.ip6.int? > nothing that comes to mind right off So why do you expect those delegations to be never visible under ip6.int? > > No need to involve RIRs here > who do you think has to delagate? $ dig ip6.arpa soa [..] ;; ANSWER SECTION: ip6.arpa. 23h30m IN SOA dns1.icann.org. hostmaster.icann.org. ( 2002071701 ; serial 1H ; refresh 30M ; retry 1W ; expiry 3H ) ; minimum ;; ANSWER SECTION: ip6.arpa. 1d23h59m38s IN NS ns.icann.org. ip6.arpa. 1d23h59m38s IN NS buchu.arin.net. ip6.arpa. 1d23h59m38s IN NS svc00.apnic.net. ip6.arpa. 1d23h59m38s IN NS arrowroot.arin.net. ip6.arpa. 1d23h59m38s IN NS ns.ripe.net. ip6.arpa. 1d23h59m38s IN NS ns.apnic.net. doesn't look like a RIR to me. Secondaries, yes. But not the primary. The actual handling of the individual delegations inside 3ffe::/16 could be done the same way it's done with ip6.int now. As I don't hold 3ffe space, I don't know how e.f.f.3.ip6.int works right now, but it's no *technical* problem we're talking about. *And* the RIRs are *not* involved. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From randy@psg.com Wed Sep 4 09:32:19 2002 From: randy@psg.com (Randy Bush) Date: Wed, 04 Sep 2002 01:32:19 -0700 Subject: [6bone] Re: ip6 conversion script References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> <20020903211955.R27015@Space.Net> <20020904102203.T27015@Space.Net> Message-ID: >>> No need to involve RIRs here >> who do you think has to delagate? > $ dig ip6.arpa soa > [..] > ;; ANSWER SECTION: > ip6.arpa. 23h30m IN SOA dns1.icann.org. hostmaster.icann.org. ( > 2002071701 ; serial > 1H ; refresh > 30M ; retry > 1W ; expiry > 3H ) ; minimum > ... > doesn't look like a RIR to me. Secondaries, yes. But not the primary. aside from luis touton's usual attemted micro-management of the entire internet, i suspect that the next level of delegations are to the RIRs, who delegate to LIRs, and so forth. just as in v4. randy From gert@space.net Wed Sep 4 15:01:29 2002 From: gert@space.net (Gert Doering) Date: Wed, 4 Sep 2002 16:01:29 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: ; from randy@psg.com on Wed, Sep 04, 2002 at 01:32:19AM -0700 References: <200209030003.g8303fv00683@boreas.isi.edu> <3D744DA4.1000302@myrealbox.com> <20020903183514.O27015@Space.Net> <20020903211955.R27015@Space.Net> <20020904102203.T27015@Space.Net> Message-ID: <20020904160129.W27015@Space.Net> Hi, On Wed, Sep 04, 2002 at 01:32:19AM -0700, Randy Bush wrote: > >>> No need to involve RIRs here > >> who do you think has to delagate? > > $ dig ip6.arpa soa > > [..] > > ;; ANSWER SECTION: > > ip6.arpa. 23h30m IN SOA dns1.icann.org. hostmaster.icann.org. ( > > 2002071701 ; serial > > 1H ; refresh > > 30M ; retry > > 1W ; expiry > > 3H ) ; minimum > > ... > > doesn't look like a RIR to me. Secondaries, yes. But not the primary. > > aside from luis touton's usual attemted micro-management of the entire > internet, i suspect that the next level of delegations are to the RIRs, > who delegate to LIRs, and so forth. just as in v4. Why? Why not delegate to $ dig e.f.f.3.ip6.int soa / ns ;; ANSWER SECTION: e.f.f.3.ip6.int. 1D IN SOA dot.ep.net. hostmaster.ep.net. ( 2002080100 ; serial 3H ; refresh 15M ; retry 1W ; expiry 1d12h ) ; minimum ;; ANSWER SECTION: e.f.f.3.ip6.int. 23h59m46s IN NS ns3.nic.fr. e.f.f.3.ip6.int. 23h59m46s IN NS flag.ep.net. e.f.f.3.ip6.int. 23h59m46s IN NS imag.imag.fr. e.f.f.3.ip6.int. 23h59m46s IN NS munnari.oz.au. e.f.f.3.ip6.int. 23h59m46s IN NS y.ip6.int. e.f.f.3.ip6.int. 23h59m46s IN NS z.ip6.int. >From my outsider's point of view, those people are perfectly capable (and I'd expect them to be willing too) to manage the reverse domain. I see all of this as harmful political child games. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From bmanning@ISI.EDU Wed Sep 4 20:12:32 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Wed, 4 Sep 2002 12:12:32 -0700 (PDT) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <3D744DA4.1000302@myrealbox.com> from "Aaron J. Angel" at "Sep 3, 2 00:50:28 am" Message-ID: <200209041912.g84JCWh08131@boreas.isi.edu> % Bill Manning wrote: % > ip6.int - the original anchor for v6 space. All delegations % > can be found here. % % Add: deprecated in favor of ip6.arpa. % % > ip6.arpa - the more recent anchor for v6 space. Some delegations % > can be found here. Some v6 delegations will never be % > found here. % % What makes you think some delegations will never be found here? % the disconnect between the addressing architecture and RFC 3152, section 3. (noting that there is this real thread of replies... perhaps I should read them first :) -- --bill From bmanning@ISI.EDU Wed Sep 4 20:15:08 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Wed, 4 Sep 2002 12:15:08 -0700 (PDT) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020903094024.Z27015@Space.Net> from Gert Doering at "Sep 3, 2 09:40:24 am" Message-ID: <200209041915.g84JF8509778@boreas.isi.edu> % hi, % % On Mon, Sep 02, 2002 at 05:03:41PM -0700, Bill Manning wrote: % > ip6.arpa - the more recent anchor for v6 space. Some delegations % > can be found here. Some v6 delegations will never be % > found here. % % Why? % % I know that *today*, 3ffe isn't delegated under ip6.arpa, but besides % political bickering, I see no reason why this can't be fixed in the future. % % Having two reverse domains, one of them "official" and the other one % "complete" sucks big time. Yes, but what can be done? The address architecture doc calls out a number of distinct methods of creating v6 addresses. RFC 3152 section 3, kind of prohibits adding some of those things to ip6.arpa. % % Gert Doering % -- NetMaster % -- -- --bill From bmanning@ISI.EDU Wed Sep 4 20:19:47 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Wed, 4 Sep 2002 12:19:47 -0700 (PDT) Subject: [6bone] Re: ip6 conversion script In-Reply-To: from Randy Bush at "Sep 3, 2 07:41:38 am" Message-ID: <200209041919.g84JJlN15794@boreas.isi.edu> % >> ip6.arpa - the more recent anchor for v6 space. Some delegations % >> can be found here. Some v6 delegations will never be % >> found here. % > What makes you think some delegations will never be found here? % % when ip6.int is removed in less than two years, they won't be found % at all. in american we have an expression "to cut one's nose off % to spite one's face." % % randy My reading of RFC 3152 indicates "phased out in an orderly fashion", not an arbitrary date that someone pulls from thin air. I would hope that all the vested parties, including the maintainer of the existing delegation were involved in discussions on how such an event would take place. --bill From bmanning@ISI.EDU Wed Sep 4 20:22:05 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Wed, 4 Sep 2002 12:22:05 -0700 (PDT) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020904102203.T27015@Space.Net> from Gert Doering at "Sep 4, 2 10:22:03 am" Message-ID: <200209041922.g84JM5J18264@boreas.isi.edu> So, should I ask the IANA to make the entries for e.f.f.3.ip6.arpa to the same servers as e.f.f.3.ip6.int? % Hi, % % On Tue, Sep 03, 2002 at 12:37:01PM -0700, Randy Bush wrote: % > >>> this still doesn't answer the question *why* those delegations are not % > >>> visible under ip6.arpa. % > >> ask your local RIR % > > What's wrong with delegating e.f.f.3.ip6.arpa to the same set of servers % > > that hold e.f.f.3.ip6.int? % > nothing that comes to mind right off % % So why do you expect those delegations to be never visible under ip6.int? % % > > No need to involve RIRs here % > who do you think has to delagate? % % $ dig ip6.arpa soa % [..] % ;; ANSWER SECTION: % ip6.arpa. 23h30m IN SOA dns1.icann.org. hostmaster.icann.org. ( % 2002071701 ; serial % 1H ; refresh % 30M ; retry % 1W ; expiry % 3H ) ; minimum % ;; ANSWER SECTION: % ip6.arpa. 1d23h59m38s IN NS ns.icann.org. % ip6.arpa. 1d23h59m38s IN NS buchu.arin.net. % ip6.arpa. 1d23h59m38s IN NS svc00.apnic.net. % ip6.arpa. 1d23h59m38s IN NS arrowroot.arin.net. % ip6.arpa. 1d23h59m38s IN NS ns.ripe.net. % ip6.arpa. 1d23h59m38s IN NS ns.apnic.net. % % doesn't look like a RIR to me. Secondaries, yes. But not the primary. % % The actual handling of the individual delegations inside 3ffe::/16 could % be done the same way it's done with ip6.int now. As I don't hold 3ffe % space, I don't know how e.f.f.3.ip6.int works right now, but it's no % *technical* problem we're talking about. % % *And* the RIRs are *not* involved. % % Gert Doering % -- NetMaster % -- % Total number of prefixes smaller than registry allocations: 46812 (46611) % % SpaceNet AG Mail: netmaster@Space.Net % Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 % 80807 Muenchen Fax : +49-89-32356-299 % % _______________________________________________ % 6bone mailing list % 6bone@mailman.isi.edu % http://mailman.isi.edu/mailman/listinfo/6bone % -- --bill From gert@space.net Wed Sep 4 21:14:46 2002 From: gert@space.net (Gert Doering) Date: Wed, 4 Sep 2002 22:14:46 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: <200209041915.g84JF8509778@boreas.isi.edu>; from bmanning@ISI.EDU on Wed, Sep 04, 2002 at 12:15:08PM -0700 References: <20020903094024.Z27015@Space.Net> <200209041915.g84JF8509778@boreas.isi.edu> Message-ID: <20020904221446.D27015@Space.Net> Hi On Wed, Sep 04, 2002 at 12:15:08PM -0700, Bill Manning wrote: > % I know that *today*, 3ffe isn't delegated under ip6.arpa, but besides > % political bickering, I see no reason why this can't be fixed in the future. > % > % Having two reverse domains, one of them "official" and the other one > % "complete" sucks big time. > > Yes, but what can be done? The address architecture doc > calls out a number of distinct methods of creating v6 > addresses. RFC 3152 section 3, kind of prohibits adding > some of those things to ip6.arpa. In a way, yes. Seen some other way, there is a "6bone registry", which could be seen as a perfectly fine (special case) RIR on its own. The "region" it's serving is "the 6bone". The RFC doesn't enumerate the RIRs it's talking about, nor does it define "regional IP registry" in any specific way. I am repeating myself here: this is political nonsense. Let's fix the technical issues. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From gert@space.net Wed Sep 4 21:21:22 2002 From: gert@space.net (Gert Doering) Date: Wed, 4 Sep 2002 22:21:22 +0200 Subject: [6bone] Re: ip6 conversion script In-Reply-To: <200209041922.g84JM5J18264@boreas.isi.edu>; from bmanning@ISI.EDU on Wed, Sep 04, 2002 at 12:22:05PM -0700 References: <20020904102203.T27015@Space.Net> <200209041922.g84JM5J18264@boreas.isi.edu> Message-ID: <20020904222122.E27015@Space.Net> Hi, On Wed, Sep 04, 2002 at 12:22:05PM -0700, Bill Manning wrote: > So, should I ask the IANA to make the entries for e.f.f.3.ip6.arpa > to the same servers as e.f.f.3.ip6.int? If you ask *me*, I'd say *yes*, please do so. (On the other hand I'm just a big-mouthed network operator sitting in a faraway country who doesn't know anything about the political struggles behind the scenes...) I find this hole ip6.int/ip6.arpa issue distasteful, but as long as people are using 3ffe space - which might go on for quite a while - it really should be possible to get a working reverse DNS using the same officially sanctioned mechanisms as for 2001 space. Otherwise implementations will go on querying ip6.int (or both reverse trees) forever. If reverse DNS is officially declared dead altogether, so be it - but until that, please apply the same rules to all kinds of address space that are still in "normal" use. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46812 (46611) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From abdul rouf" Hi all, Could anybody give me a pointer to any link or doc so that cud help me in preparing presentation starting from technical case, Efforts and time required,cost incurred to migrate applications like mail, proxy, DNS, DHCP and deployment methods for a small/medium/large enterprise as well ISPs. TIA Regards,Abdul Rouf From JORDI PALET MARTINEZ" Message-ID: <04f401c2552d$f782a9e0$8700000a@consulintel.es> Dear all, As I already commented in the last weeks, this pTLA is being used by the Euro6IX project during next 2.5 years. There is a 1st deliverable that I will like to expose to the 6Bone community, with includes the project preliminary vision about our IPv6 IX concept. This document is D2.1 (Specification of the internal network architecture of each IX). Please visit www.euro6ix.org (see section documents and then deliverables). Other documents, specially several presentations about the project work are available at the presentations and general sections (also inside documents). You will need to register, so we can keep you updated with any progress and new documents released by the project. As Bob indicated, I will be very happy to report our work, issues, and impatient to get your feedback that I hope will be helpful to the Internet community in our evolution to IPv6. So, please, let me know your thoughts ! Regards, Jordi ----- Original Message ----- From: "Bob Fink" To: "6BONE List" <6bone@mailman.isi.edu> Cc: "JORDI PALET MARTINEZ" ; "6bone reverse DNS registration" Sent: Tuesday, September 03, 2002 5:14 PM Subject: [6bone] 6bone pTLA 3FFE:4011::/32 allocated to EURO6IX > EURO6IX has been allocated pTLA 3FFE:4011::/32 having finished its 2-week > review period. This pTLA is allocated specifically for the first attempt to > try the new type of exchange-based aggregation talked about in RFC2374, "An > IPv6 Aggregatable Global Unicast Address Format". > > I would appreciate seeing a report in one year detailing the lessons > learned about exchange-based aggregation so that the IPv6 operational > community can benefit. > > Note that it will take a short while for a EURO6IX IPv6-site and pTLA > inet6num entry to appear in the 6bone registry as they have yet to be > created. However, the pTLA registration is listed on: > > > > > [To create a reverse DNS registration for pTLAs, please send the prefix > allocated above, and a list of at least two authoritative nameservers, to > hostmaster@ep.net.] > > > Thanks, > > Bob > > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone > *********************************************************** Madrid 2002 Global IPv6 Summit See all the documents on line at: www.ipv6-es.com From nicolas.deffayet@ndsoftware.net Fri Sep 6 20:59:18 2002 From: nicolas.deffayet@ndsoftware.net (Nicolas DEFFAYET) Date: 06 Sep 2002 21:59:18 +0200 Subject: [6bone] 6bone whois snapshot Message-ID: <1031342358.5198.280.camel@wks1.fr.corp.ndsoftware.com> Hello, The 6bone whois snapshot (ftp://whois.6bone.net/6bone/6bone.db.gz) is not updated since 20020827. A lot of tools use this snapshot: ASpath-tree, pinger6, UK IPv6 Resource Centre,... It's possible to fix this ? Best regards, Nicolas DEFFAYET From nsayer@quack.kfu.com Wed Sep 11 00:05:16 2002 From: nsayer@quack.kfu.com (Nick Sayer) Date: Tue, 10 Sep 2002 16:05:16 -0700 Subject: [6bone] Problems with routing from 6to4? Message-ID: <3D7E7AAC.2050402@kfu.com> When I try and get home from a 6to4 site, I get this... Tracing route to quack.kfu.com [3ffe:1200:301b:0:2d0:b7ff:febe:e2a8] from 2002:[blah blah] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms 2002:[blah blah] 2 216 ms 219 ms 218 ms 2001:620:0:38::2 3 279 ms 210 ms 203 ms 3ffe:4006:0:3::11 4 209 ms 218 ms 206 ms 3ffe:4005:0:1::15 5 234 ms 224 ms 228 ms 3ffe:4005:0:1::17 6 3ffe:4005:0:1::17 reports: No route to destination. Trace complete. I find no whois data for 3ffe:4005. Is it just me? (if this has been discussed recently, I may have missed it as I had some subscription trouble) From nicolas.deffayet@ndsoftware.net Wed Sep 11 01:15:47 2002 From: nicolas.deffayet@ndsoftware.net (Nicolas DEFFAYET) Date: 11 Sep 2002 02:15:47 +0200 Subject: [6bone] Problems with routing from 6to4? In-Reply-To: <3D7E7AAC.2050402@kfu.com> References: <3D7E7AAC.2050402@kfu.com> Message-ID: <1031703347.657.9.camel@wks1.fr.corp.ndsoftware.com> On Wed, 2002-09-11 at 01:05, Nick Sayer wrote: > > When I try and get home from a 6to4 site, I get this... > > Tracing route to quack.kfu.com [3ffe:1200:301b:0:2d0:b7ff:febe:e2a8] > from 2002:[blah blah] over a maximum of 30 hops: > > 1 <1 ms <1 ms <1 ms 2002:[blah blah] > 2 216 ms 219 ms 218 ms 2001:620:0:38::2 > 3 279 ms 210 ms 203 ms 3ffe:4006:0:3::11 > 4 209 ms 218 ms 206 ms 3ffe:4005:0:1::15 > 5 234 ms 224 ms 228 ms 3ffe:4005:0:1::17 > 6 3ffe:4005:0:1::17 reports: No route to destination. > > Trace complete. traceroute to 2002:: (2002::) from 3ffe:81f1:21:1::5, 30 hops max, 16 byte packets 1 feth1-0-levgw1.fr.corp.ndsoftware.net (3ffe:81f1:21:1::1) 0.457 ms 0.159 ms 0.133 ms 2 eth1-0-parcr2.fr.ndsoftwarenet.net (3ffe:81f1:12:1::1) 1.025 ms 0.987 ms 0.981 ms 3 feth0-1-parcr1.fr.ndsoftwarenet.net (3ffe:81f1:0:1::1) 67.971 ms 69.796 ms 70.712 ms 4 v6-tunnel25-uk6x.ipv6.btexact.com (2001:7f8:2:c01d::2) 85.815 ms 80.597 ms 83.075 ms 5 leanet-core-ips-a2-0-2.ipv6.btexact.com (2001:618:1::2) 84.434 ms 85.273 ms 84.442 ms 6 * * * > > I find no whois data for 3ffe:4005. inet6num: 3FFE:4005::/32 netname: KEWLIO > > Is it just me? (if this has been discussed recently, I may have missed > it as I had some subscription trouble) > For me 6to4 workfine. Ask Kewlio for check routing of 2002::/16. Best Regards, Nicolas DEFFAYET http://noc.ndsoftwarenet.com #nocpeople @ IRCnet From itojun@iijlab.net Wed Sep 11 01:55:29 2002 From: itojun@iijlab.net (Jun-ichiro itojun Hagino) Date: Wed, 11 Sep 2002 09:55:29 +0900 Subject: [6bone] Problems with routing from 6to4? In-Reply-To: nsayer's message of Tue, 10 Sep 2002 16:05:16 MST. <3D7E7AAC.2050402@kfu.com> Message-ID: <20020911005529.18C487B9@starfruit.itojun.org> >I find no whois data for 3ffe:4005. whois -h whois.6bone.net 3ffe:4005::/32 itojun From Daniel Austin" Message-ID: <00e801c25972$f4c9b9c0$611c08d9@kewlio.net> This is a multi-part message in MIME format. ------=_NextPart_000_00E1_01C2597B.4189E200 Content-Type: text/plain; charset="ISO-8859-15" Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Nick, 3ffe:4005::/32 = Kewlio.net Limited. periodically, my peering to AS33 stops working - it's a problem i'm looking at. I've reset the peering and it should route again now. Sorry for the inconvenience! With Thanks, Daniel Austin, Managing Director, kewlio.net Limited. - ----- Original Message ----- From: "Nick Sayer" To: <6bone@ISI.EDU> Sent: Wednesday, September 11, 2002 12:05 AM Subject: [6bone] Problems with routing from 6to4? > > When I try and get home from a 6to4 site, I get this... > > Tracing route to quack.kfu.com > [3ffe:1200:301b:0:2d0:b7ff:febe:e2a8] from 2002:[blah blah] over a > maximum of 30 hops: > > 1 <1 ms <1 ms <1 ms 2002:[blah blah] > 2 216 ms 219 ms 218 ms 2001:620:0:38::2 > 3 279 ms 210 ms 203 ms 3ffe:4006:0:3::11 > 4 209 ms 218 ms 206 ms 3ffe:4005:0:1::15 > 5 234 ms 224 ms 228 ms 3ffe:4005:0:1::17 > 6 3ffe:4005:0:1::17 reports: No route to destination. > > Trace complete. > > I find no whois data for 3ffe:4005. > > Is it just me? (if this has been discussed recently, I may have > missed it as I had some subscription trouble) > > > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 7.0.3 for non-commercial use Comment: Kewlio.net Limited iQA/AwUBPX8IK7h6Srl/AD3mEQIx+QCglfiW5HVCI2UrEUknpvm72eyj7Q0Anilm VyiMmhcnXc0ao7EMi0wXvCKm =izuZ -----END PGP SIGNATURE----- ------=_NextPart_000_00E1_01C2597B.4189E200 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIIYzCCAnow ggHjoAMCAQICARcwDQYJKoZIhvcNAQEFBQAwUzELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0VxdWlm YXggU2VjdXJlIEluYy4xJjAkBgNVBAMTHUVxdWlmYXggU2VjdXJlIGVCdXNpbmVzcyBDQS0xMB4X DTAyMDQxODE1MjkzN1oXDTIwMDQxMzE1MjkzN1owTjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdl b1RydXN0IEluYy4xJzAlBgNVBAMTHkdlb1RydXN0IFRydWUgQ3JlZGVudGlhbHMgQ0EgMjCBnzAN BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAspcspZISpYX/aJqWoYcSyyGqFby3OvsepRzLRU0ENDJR wJo7DwFpirRFOUQkTkKXsY6BQzX/CeCRrn9i4ny5gcXuI2JSyrSmDwobbwl52n5cPEbHGcebybWd KfAf8vvkxYUnTmDZPtt2ob5RNpJTeTiq9MpNCB/5G7Ocr1hEljcCAwEAAaNjMGEwDgYDVR0PAQH/ BAQDAgHGMB0GA1UdDgQWBBQig0tNIAIMMfR8WrAaTRXIeF0RSTAPBgNVHRMBAf8EBTADAQH/MB8G A1UdIwQYMBaAFEp4MlIR21kWNl7fwRQ2QGpHfEyhMA0GCSqGSIb3DQEBBQUAA4GBACmw3z+sLsLS fAfdECQJPfiZFzJzSPQKLwY7vHnNWH2lAKYECbtAFHBpdyhSPkrj3KghXeIJnKyMFjsK6xd1k1Yu wMXrauUH+HIDuZUg4okBwQbhBTqjjEdo/cCHILQsaLeU2kM+n5KKrpb0uvrHrocGffRMrWhz9zYB lxoq0/EEMIICgjCCAeugAwIBAgIBBDANBgkqhkiG9w0BAQQFADBTMQswCQYDVQQGEwJVUzEcMBoG A1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1c2lu ZXNzIENBLTEwHhcNOTkwNjIxMDQwMDAwWhcNMjAwNjIxMDQwMDAwWjBTMQswCQYDVQQGEwJVUzEc MBoGA1UEChMTRXF1aWZheCBTZWN1cmUgSW5jLjEmMCQGA1UEAxMdRXF1aWZheCBTZWN1cmUgZUJ1 c2luZXNzIENBLTEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM4vGbwXt3fek6lfWg0XTzQa DJj0ItlZ1MRoRvC0NcWFAyDGr0WlIVFFQesWWDYyb+JQYmT5/VGcqiTZ9J2DKocKIdMSODRsjQBu WqDZQu4aIZX5UkxVWsUPOE9G+m34LjXWHXzr4vCwdYDIqROsvojvOm6rXyo4YgKwEnv+j6YDAgMB AAGjZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFEp4 MlIR21kWNl7fwRQ2QGpHfEyhMB0GA1UdDgQWBBRKeDJSEdtZFjZe38EUNkBqR3xMoTANBgkqhkiG 9w0BAQQFAAOBgQB1W6ibAxHm6VZMzfmpTMANmvPMZWnmJXbMWbfWVMMdzZmsGd20hdXgPfxiIKeE S1hl8eL5lSE/9dR+WB5Hh1Q+WKG1tfgq73HnvMP2sUlG4tega+VWeponmHxGYhTnyfxuAxJ5gDgd SIKN/Bf+KpYrtWKmpj29f5JZzVoqgrI3eTCCA1swggLEoAMCAQICAxAAazANBgkqhkiG9w0BAQQF ADBOMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEnMCUGA1UEAxMeR2VvVHJ1 c3QgVHJ1ZSBDcmVkZW50aWFscyBDQSAyMB4XDTAyMDgwMTE4MjYzOVoXDTAzMDgxNTE4MjYzOVow ggERMT8wPQYDVQQLEzZDUFMgdGVybXMgaW5jb3Jwb3JhdGVkIGJ5IHJlZmVyZW5jZSBsaWFiaWxp dHkgbGltaXRlZC4xPjA8BgNVBAsTNVNlZSBQdWJsaWMgUy9NSU1FIENQUyB3d3cuZ2VvdHJ1c3Qu Y29tL3Jlc291cmNlcy9DUFMuMSowKAYDVQQLEyFQaG9uZSBWYWxpZGF0aW9uIC0gNDQgNzk3MC02 MzMzMzMxKDAmBgNVBAsTH0VtYWlsIGFuZCBwaG9uZSB2YWxpZGF0ZWQgb25seS4xFjAUBgNVBAMT DURhbmllbCBBdXN0aW4xIDAeBgkqhkiG9w0BCQEWEWRhbmllbEBrZXdsaW8ubmV0MIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQCnZ7IrV88D55wCg31dENNY6z1/ehvUcOxWC4sh5hJMgMXNefiR mXQiDD6iRESdk5UJ5usgZZr40ICYwlpjBUY6xBTe4LNLiC1UPVZ9uF3Z05CVgvgXEhvqC3p8WM3O sKYfGXL7k49xmBU9TvpkExdxSEYJoK4rK77qRFC5HuKcMwIDAQABo4GBMH8wEQYJYIZIAYb4QgEB BAQDAgWgMA4GA1UdDwEB/wQEAwIF4DA5BgNVHR8EMjAwMC6gLKAqhihodHRwOi8vY3JsLmdlb3Ry dXN0LmNvbS9jcmxzL2d0dGNjYTIuY3JsMB8GA1UdIwQYMBaAFCKDS00gAgwx9HxasBpNFch4XRFJ MA0GCSqGSIb3DQEBBAUAA4GBABslhvo5nWHvXY0xcGwSdigKcnAIgRiH8zlmbKYyWCf0+qwjEVbc 7wccsKNWNr3D007R66JZtCiktuuc6CBsuxBzsBVS4uEA8YUXM3XNJM4mgTFdUfG+SOQaN30E4xtF vgGqDTSea6Q0tz2TbA8Xb+YUhEO3tbU8ulXdWLX7TI4YMYIBuDCCAbQCAQEwVTBOMQswCQYDVQQG EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEnMCUGA1UEAxMeR2VvVHJ1c3QgVHJ1ZSBDcmVk ZW50aWFscyBDQSAyAgMQAGswCQYFKw4DAhoFAKCBujAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB MBwGCSqGSIb3DQEJBTEPFw0wMjA5MTEwOTA5MDNaMCMGCSqGSIb3DQEJBDEWBBSLQKZW/T0gl71I igF9ewgc8Zu8zjBbBgkqhkiG9w0BCQ8xTjBMMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDAN BggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDAHBgUrDgMCHTANBgkqhkiG9w0B AQEFAASBgGg/GA5/zERsDv3nyJVZuTQh8CRt0wHf1YUuNwjkAQaQ1oKa4eJh1EmWBQ91zhysiuI2 KP8s1Nd2+kw2s2KbGMBjekTzguVGAASGgqndA3tYUHhU2UryuwYWLY8QKS0ONwABDZoeT2FqO1JS 6SUS0fITUfvyyLCGWjjerZQn/ahPAAAAAAAA ------=_NextPart_000_00E1_01C2597B.4189E200-- From David Terrell Wed Sep 11 10:47:55 2002 From: David Terrell (David Terrell) Date: Wed, 11 Sep 2002 02:47:55 -0700 Subject: [6bone] Re: ip6 conversion script In-Reply-To: <200209041915.g84JF8509778@boreas.isi.edu> References: <20020903094024.Z27015@Space.Net> <200209041915.g84JF8509778@boreas.isi.edu> Message-ID: <20020911094755.GA16026@pianosa.catch22.org> On Wed, Sep 04, 2002 at 12:15:08PM -0700, Bill Manning wrote: > Yes, but what can be done? The address architecture doc > calls out a number of distinct methods of creating v6 > addresses. RFC 3152 section 3, kind of prohibits adding > some of those things to ip6.arpa. Are you sure you shouldn't be bickering with the IAB? Reread that first sentence. :) Hmm, "single point of contact". 3. IANA Considerations This memo requests that the IANA delegate the IP6.ARPA domain following instructions to be provided by the IAB. Names within this zone are to be further delegated to the regional IP registries in accordance with the delegation of IPv6 address space to those registries. The names allocated should be hierarchic in accordance with the address space assignment. -- David Terrell | "When we said that you needed to cut the dbt@meat.net | wires for ultimate security, we didn't Nebcorp Prime Minister | mean that you should go wireless instead." http://wwn.nebcorp.com/ | - Casper Dik From bmanning@ISI.EDU Wed Sep 11 11:49:49 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Wed, 11 Sep 2002 03:49:49 -0700 (PDT) Subject: [6bone] Re: ip6 conversion script In-Reply-To: <20020911094755.GA16026@pianosa.catch22.org> from David Terrell at "Sep 11, 2 02:47:55 am" Message-ID: <200209111049.g8BAnoV26148@boreas.isi.edu> % On Wed, Sep 04, 2002 at 12:15:08PM -0700, Bill Manning wrote: % > Yes, but what can be done? The address architecture doc % > calls out a number of distinct methods of creating v6 % > addresses. RFC 3152 section 3, kind of prohibits adding % > some of those things to ip6.arpa. % % Are you sure you shouldn't be bickering with the IAB? Reread that % first sentence. :) % % Hmm, "single point of contact". % % 3. IANA Considerations % % This memo requests that the IANA delegate the IP6.ARPA domain % following instructions to be provided by the IAB. Names within this % zone are to be further delegated to the regional IP registries in % accordance with the delegation of IPv6 address space to those % registries. The names allocated should be hierarchic in accordance % with the address space assignment. % -- % David Terrell | "When we said that you needed to cut the Yup, pretty sure. The IAB has mgmt of .ARPA and have, per RFC 3152 delegated mgmt of IP6.ARPA to the RIRs. -- --bill From simon@limmat.switch.ch Wed Sep 11 13:17:28 2002 From: simon@limmat.switch.ch (Simon Leinen) Date: 11 Sep 2002 14:17:28 +0200 Subject: [6bone] Problems with routing from 6to4? In-Reply-To: <3D7E7AAC.2050402@kfu.com> References: <3D7E7AAC.2050402@kfu.com> Message-ID: Nick, the meta-answer is that DNS is your friend - you should use a traceroute that resolves IPv6 addresses into hostnames. It really makes debugging easier! On Tue, 10 Sep 2002 16:05:16 -0700, Nick Sayer said: > When I try and get home from a 6to4 site, I get this... > Tracing route to quack.kfu.com [3ffe:1200:301b:0:2d0:b7ff:febe:e2a8] > from 2002:[blah blah] over a maximum of 30 hops: > 1 <1 ms <1 ms <1 ms 2002:[blah blah] > 2 216 ms 219 ms 218 ms 2001:620:0:38::2 That's "swi6T1-T22.switch.ch", so you seem to be using us (SWITCH) as the (anycast) 6to4 relay. > 3 279 ms 210 ms 203 ms 3ffe:4006:0:3::11 ^^^^^^^^^^^^^^^^^ That's "freestone-upctech.tun.ipv6.as8758.net" > 4 209 ms 218 ms 206 ms 3ffe:4005:0:1::15 That's "london1-manchester1-gw.ipv6.kewlio.net" > 5 234 ms 224 ms 228 ms 3ffe:4005:0:1::17 That's "london1-manchester2-gw.ipv6.kewlio.net" > 6 3ffe:4005:0:1::17 reports: No route to destination. > Trace complete. > I find no whois data for 3ffe:4005. I don't know the root of the problem, but apparently KEWLIO announced 3ffe:1200::/24 to AS8758 and AS8758 announced it on to us, but when your packets got to KEWLIO, they were dropped. Maybe KEWLIO expects to have a more specific route to you, or their tunnel to DIGITAL-CA (your pTLA) had a problem. Right now we do have a good route to DIGITAL-CA and to you: $ traceroute 3ffe:1200:301b:0:2d0:b7ff:febe:e2a8 traceroute: Warning: Multiple interfaces found; using 3ffe:2000:0:4:a00:20ff:fea2:f7f @ hme0:3 traceroute to 3ffe:1200:301b:0:2d0:b7ff:febe:e2a8, 30 hops max, 60 byte packets 1 swiCS1-F2-0-0.ipv6.switch.ch (3ffe:2000:0:4:2e0:8fff:fe6e:7c40) 1.341 ms 1.368 ms 0.985 ms 2 swi6T1-F0-1.switch.ch (2001:620:0:20::6) 1.794 ms 3.428 ms 1.519 ms 3 chello-swi6T1.ipv6.switch.ch (3ffe:2000:0:40f::1aae) 49.611 ms 51.774 ms 61.456 ms 4 chello-gw1.ipv6.edisontel.it (2001:730::1:f) 83.878 ms 83.952 ms 83.117 ms 5 digital-ca-tunnel.ipv6.cisco.com (3ffe:c00:8023:13::2) 233.502 ms 233.787 ms * 6 quack.kfu.com (3ffe:1200:301b:0:2d0:b7ff:febe:e2a8) 266.017 ms 259.967 ms 261.368 ms Does the route from 6to4 work for you now? -- Simon. From kni501ss@optushome.com.au Wed Sep 11 14:08:34 2002 From: kni501ss@optushome.com.au (kni501ss) Date: Wed, 11 Sep 2002 23:08:34 +1000 Subject: [6bone] client/gw config Message-ID: <3D7F4052.6010809@optushome.com.au> Hi all. I have the following setup: to ISP (using dhcp client) / / To freenet6 (with configured account) / / rl0 gif0 | | (tspc) ----------- | | (openbsd 3.1) | | ----------- | (dhcpd ipv4) dc0 (lan side) | | |------ [ linux box ] (Debian) | | |-------[ other os box ] How do I give a 'real' IPV6 address to the linux box ? Cheers, Marco From pim@ipng.nl Wed Sep 11 14:44:21 2002 From: pim@ipng.nl (Pim van Pelt) Date: Wed, 11 Sep 2002 15:44:21 +0200 Subject: [6bone] client/gw config In-Reply-To: <3D7F4052.6010809@optushome.com.au> References: <3D7F4052.6010809@optushome.com.au> Message-ID: <20020911134421.GB10339@bfib.colo.bit.nl> Hoi, man rtadvd (on your OpenBSD router box) For Linux, check /proc/sys/net/ipv6/conf/default/, make sure accept_ra is '1', which it always is on Linux. Other (smarter) OSes do not automatically accept router advertisements (that your openbsd 3.1 box will be generating). See also the 'net.inet6.ip6.accept_rtadv' on BSD boxes. groet, Pim On Wed, Sep 11, 2002 at 11:08:34PM +1000, kni501ss wrote: | Hi all. | I have the following setup: | | to ISP (using dhcp client) | / | / To freenet6 (with configured account) | / / | rl0 gif0 | | | (tspc) | ----------- | | | (openbsd 3.1) | | | | ----------- | | (dhcpd ipv4) | dc0 (lan side) | | | | | |------ [ linux box ] (Debian) | | | | | |-------[ other os box ] | | How do I give a 'real' IPV6 address to the linux box ? | | Cheers, | Marco | | _______________________________________________ | 6bone mailing list | 6bone@mailman.isi.edu | http://mailman.isi.edu/mailman/listinfo/6bone -- ---------- - - - - -+- - - - - ---------- Pim van Pelt Email: pim@ipng.nl http://www.ipng.nl/ IPv6 Deployment ----------------------------------------------- From md+6bone@Linux.IT Wed Sep 11 10:58:38 2002 From: md+6bone@Linux.IT (Marco d'Itri) Date: Wed, 11 Sep 2002 11:58:38 +0200 Subject: [6bone] IPv6 spam Message-ID: <20020911151518.0BB3833B28@wonderland.linux.it> [HE.NET tech-c Cc:ed in the hope they can explain this. My formmail.pl honeypot just received a posting attempt[1] from a he.net IPv6 address: 3ffe:81d0:ffff::3 - - [11/Sep/2002:11:16:05 +0200] "POST /cgi-bin/formmail.pl HTTP/1.0" 200 1394 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98; AIRF; .NET CLR 1.0.3705)" ipv6.he.net AAAA 3FFE:81D0:FFFF:0:0:0:0:3 Has anybody else seen similar things happening over IPv6 yet? [1] Not a probe or the result of something legitimate, the POST payload was part of a spam run for a gay porn site which is being sent from many IPv4 open proxies. -- ciao, Marco From lists.fcu@no-way.org Wed Sep 11 16:50:58 2002 From: lists.fcu@no-way.org (Flavio Curti) Date: Wed, 11 Sep 2002 17:50:58 +0200 Subject: [6bone] ipv6 setup question Message-ID: <20020911155058.GL17048@no-way.org> hi hope nobody minds me asking this in the 6bone list, but i'm running out of lists where i can ask (tried debian-ipv6, snap-users, openbsd-ipv6, openbsd-misc, usagi). hope somebody has an idea! i want to setup the following: 3ffe:2029:8400:0:1::1 - openbsd 3.1-stable router (i386) xl0 3ffe:2029:8400:0:1::1 xl1 no addresses bridge0 - xl0 and xl1 the linux, linuxusagi and the netbsd machines are connected to a hub, which is connected to xl1. \--- 3ffe:2029:8400:0:1::2 - linux usagi 2.2.19 box (i386) \--- 3ffe:2029:8400:0:1::3 - normal linux 2.2.19 box (i386) \--- 3ffe:2029:8400:0:1::4 - netbsd 1.5 (alpha) when i try to ping6 the gateway from the linux boxes it fails. (host unreachable): --(linux2219usagi: $:~)-- ping6 3ffe:2029:8400:0:1::1 PING 3ffe:2029:8400:0:1::1(3ffe:2029:8400:0:1::1) from \ 3ffe:2029:8400:0:1::2 : 56 data bytes >From 3ffe:2029:8400:0:1::2 icmp_seq=3 Destination unreachable: Address \ unreachable --(linux2219usagi: $:~)-- ip -6 neigh --(linux2219usagi: $:~)-- (the same from the linux2219 box.) and the same from the netbsd box. however as soon as i ping the linux box from the openbsd box: --(openbsd: $:~)-- ping6 3ffe:2029:8400:0:1::2 PING6(56=40+8+8 bytes) 3ffe:2029:8400:0:1::1 --> 3ffe:2029:8400:0:1::2 16 bytes from 3ffe:2029:8400:0:1::2, icmp_seq=5 hlim=64 time=27.794 ms 16 bytes from 3ffe:2029:8400:0:1::2, icmp_seq=8 hlim=64 time=7.178 ms --- 3ffe:2029:8400:0:1::2 ping6 statistics --- 9 packets transmitted, 6 packets received, 33% packet loss round-trip min/avg/max/std-dev = 2.870/517.059/2028.869/771.456 ms it makes the entries just fine and i can ping the other way around fine: --(linux2219usagi: $:~)-- ip -6 neigh 3ffe:2029:8400:0:1::1 dev eth0 lladdr 00:50:da:84:bf:49 router nud stale fe80::250:daff:fe84:bf49 dev eth0 lladdr 00:50:da:84:bf:49 nud stale i did a tcpdump on the openbsd box, showing the linux2219usagi box trying to ping the openbsd box: --($:~)-- tcpdump -i xl0 -n proto ipv6-icmp tcpdump: listening on xl0 17:36:55.462827 3ffe:2029:8400:0:1::2 > ff02::1:ff00:1: icmp6: neighbor sol: who has 3ffe:2029:8400:0:1::1 17:36:56.462734 3ffe:2029:8400:0:1::2 > ff02::1:ff00:1: icmp6: neighbor sol: who has 3ffe:2029:8400:0:1::1 so i now have exactly the same problem with the netbsd box as well. ping between the boxes netbsd, linux2219, linux2219usagi works. ping to the openbsd bridge from one of the boxes does not work. when i ping from the openbsd box to one of the boxes it works. after that, the back-ping does work too!! so it definitly seems to be some openbsd problem. (is it the bridge that makes problems? i will try this on wendesday when i got console access to that firewall box) i hope you have an idea, thank you and greetz Flavio -- http://no-way.org/~fcu/ From jeroen@unfix.org Wed Sep 11 17:41:07 2002 From: jeroen@unfix.org (Jeroen Massar) Date: Wed, 11 Sep 2002 18:41:07 +0200 Subject: [6bone] ipv6 setup question In-Reply-To: <20020911155058.GL17048@no-way.org> Message-ID: <003a01c259b2$07317e10$420d640a@unfix.org> Flavio Curti wrote: > 3ffe:2029:8400:0:1::1 - openbsd 3.1-stable router (i386) > xl0 3ffe:2029:8400:0:1::1 > xl1 no addresses > bridge0 - xl0 and xl1 > the linux, linuxusagi and the netbsd machines are connected to a hub, > which is connected to xl1. > so it definitly seems to be some openbsd problem. (is it the > bridge that makes problems? i will try this on wendesday when i got console access > to that firewall box) It's the bridge. Why don't you try the thing called routing ? :) Greets, Jeroen From lists.fcu@no-way.org Wed Sep 11 21:12:11 2002 From: lists.fcu@no-way.org (Flavio Curti) Date: Wed, 11 Sep 2002 22:12:11 +0200 Subject: [6bone] ipv6 setup question In-Reply-To: <003a01c259b2$07317e10$420d640a@unfix.org> References: <20020911155058.GL17048@no-way.org> <003a01c259b2$07317e10$420d640a@unfix.org> Message-ID: <20020911201211.GM17048@no-way.org> hi On Wed, Sep 11, 2002 at 06:41:07PM +0200, Jeroen Massar wrote: > Flavio Curti wrote: > > > 3ffe:2029:8400:0:1::1 - openbsd 3.1-stable router (i386) > > xl0 3ffe:2029:8400:0:1::1 > > xl1 no addresses > > bridge0 - xl0 and xl1 > > the linux, linuxusagi and the netbsd machines are connected to a hub, > > which is connected to xl1. > > > > so it definitly seems to be some openbsd problem. (is it the > > bridge that makes problems? i will try this on wendesday when i got > console access > > to that firewall box) > > It's the bridge. > Why don't you try the thing called routing ? :) well, i only got a /29 in ipv4 space, so i need the bridge for my dmz setup... any clues on how-to make it work through the bridge? (or what exactly is problematic about the bridge? is there no possibility to run ipv6 over a bridge?) thank you & greetz Flavio -- http://no-way.org/~fcu/ From oneillm@mail.state.fl.us Wed Sep 11 21:47:46 2002 From: oneillm@mail.state.fl.us (oneillm) Date: Wed, 11 Sep 2002 16:47:46 -0400 Subject: [6bone] unsubsribe Message-ID: <3D7FABF2.B12401D7@mail.state.fl.us> From mcr@sandelman.ottawa.on.ca Wed Sep 11 22:05:54 2002 From: mcr@sandelman.ottawa.on.ca (Michael Richardson) Date: Wed, 11 Sep 2002 17:05:54 -0400 Subject: [6bone] client/gw config In-Reply-To: Your message of "Wed, 11 Sep 2002 23:08:34 +1000." <3D7F4052.6010809@optushome.com.au> Message-ID: <200209112106.g8BL5tor021945@marajade.sandelman.ottawa.on.ca> -----BEGIN PGP SIGNED MESSAGE----- >>>>> "kni501ss" == kni501ss writes: kni501ss> / / kni501ss> rl0 gif0 kni501ss> | | (tspc) kni501ss> ----------- kni501ss> | | (openbsd 3.1) kni501ss> | | kni501ss> ----------- kni501ss> | (dhcpd ipv4) kni501ss> dc0 (lan side) kni501ss> | kni501ss> | kni501ss> |------ [ linux box ] (Debian) kni501ss> | kni501ss> | kni501ss> |-------[ other os box ] kni501ss> How do I give a 'real' IPV6 address to the linux box ? You run rtadvd on the openbsd box. From my NetBSD router: # service network de3:\ :addrs#2:\ :addr0="2002:401A:9BFE:0003::":\ :addr1="2001:0410:0402:0003::":tc=ether: #:addr3="3ffe:1ce1:0:fe51::":tc=ether: 270 ?? Is 1:39.68 /usr/sbin/rtadvd de1 de2 de3 That means that you have to subnet your address space from freenet6. You'll notice that suspicously, the network on de*3* is :0003: ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[ ] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[ ] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) Comment: Finger me for keys iQCVAwUBPX+wL4qHRg3pndX9AQHofwP/c4qGBRn2OqQOrQ7KZRi2IiYlEva/mZLA cRCwmpxqQr33QhcCOLjLZ8sO2LTGp1149VikdRKGBx4n2GN/lswfd6G+swjpKZGI sWVlcvVFB4L7wQzrbJ9hq4SgSQyRO4a5ZYbcjyOqreNGtonAJ9KOzgkCFheLvwfO i2KhaRjTitw= =Ff1s -----END PGP SIGNATURE----- From kni501ss@optushome.com.au Thu Sep 12 00:15:33 2002 From: kni501ss@optushome.com.au (kni501ss) Date: Thu, 12 Sep 2002 09:15:33 +1000 Subject: [6bone] client/gw config References: <200209112106.g8BL5tor021945@marajade.sandelman.ottawa.on.ca> Message-ID: <3D7FCE95.906@optushome.com.au> Michael Richardson wrote: >-----BEGIN PGP SIGNED MESSAGE----- > > > > >>>>>>"kni501ss" == kni501ss writes: >>>>>> >>>>>> > kni501ss> / / > kni501ss> rl0 gif0 > kni501ss> | | (tspc) > kni501ss> ----------- > kni501ss> | | (openbsd 3.1) > kni501ss> | | > kni501ss> ----------- > kni501ss> | (dhcpd ipv4) > kni501ss> dc0 (lan side) > kni501ss> | > kni501ss> | > kni501ss> |------ [ linux box ] (Debian) > kni501ss> | > kni501ss> | > kni501ss> |-------[ other os box ] > > kni501ss> How do I give a 'real' IPV6 address to the linux box ? > > You run rtadvd on the openbsd box. From my NetBSD router: > ># service network >de3:\ > :addrs#2:\ > :addr0="2002:401A:9BFE:0003::":\ > :addr1="2001:0410:0402:0003::":tc=ether: > #:addr3="3ffe:1ce1:0:fe51::":tc=ether: > > 270 ?? Is 1:39.68 /usr/sbin/rtadvd de1 de2 de3 > >That means that you have to subnet your address space from freenet6. You'll >notice that suspicously, the network on de*3* is :0003: > > > Thankyou for your help, Michael and Pim. I found that the freenet6 client automatically creates a cfg file for rtadvd when configured as a router. However, it seems that rtadvd isnt quite hppy with the config file, so ill take it up with the freenet6 people. From pim@ipng.nl Thu Sep 12 08:03:32 2002 From: pim@ipng.nl (Pim van Pelt) Date: Thu, 12 Sep 2002 09:03:32 +0200 Subject: [6bone] ipv6 setup question In-Reply-To: <20020911155058.GL17048@no-way.org> References: <20020911155058.GL17048@no-way.org> Message-ID: <20020912070332.GE28853@bfib.colo.bit.nl> Hoi, Smoe year or so ago I had the same problem, but with Riverstone as a bridge. Check to see if it handles multicast properly. I see your paste with the linux/usagi boxes doing a neighbor sollicitation. This is like ARP but then for IPv6. There is no answer. I'm interrested to see if your NS reaches xl1 and xl0 on the OpenBSD box. Please tcpdump them when you are trying an NS from the backend (xl1) LAN. My bet is, the OpenBSD kernel never gets the neighbor sollicitation and therefor cannot answer with a neighbor advertisement, so the client boxes never know which linklocal address (and MAC adres) to send the ICMPv6 echo packet to. The other way around, is trivial. The OpenBSD box does send out a NS packet and the box on the xl1 side answers with a NA, which your OpenBSD box does get. Once this has happened, the client on xl0 side (linux/usagi) can put the linklocal of the OpenBSD in the neighbor cache and therefor does not have to resend a NS packet when it wants to ping the openbsd server. I hope this is somewhat clear :) Check if the bridge forwards NS properly and while you're at it, check to see if it bridges router advertisement/sollicitation (RA/RS). good luck! Pim On Wed, Sep 11, 2002 at 05:50:58PM +0200, Flavio Curti wrote: | hi | | hope nobody minds me asking this in the 6bone list, but i'm running out | of lists where i can ask (tried debian-ipv6, snap-users, openbsd-ipv6, | openbsd-misc, usagi). hope somebody has an idea! | | i want to setup the following: | | 3ffe:2029:8400:0:1::1 - openbsd 3.1-stable router (i386) | xl0 3ffe:2029:8400:0:1::1 | xl1 no addresses | bridge0 - xl0 and xl1 | the linux, linuxusagi and the netbsd machines are connected to a hub, | which is connected to xl1. | | \--- 3ffe:2029:8400:0:1::2 - linux usagi 2.2.19 box (i386) | \--- 3ffe:2029:8400:0:1::3 - normal linux 2.2.19 box (i386) | \--- 3ffe:2029:8400:0:1::4 - netbsd 1.5 (alpha) | | when i try to ping6 the gateway from the linux boxes it fails. (host | unreachable): | --(linux2219usagi: $:~)-- ping6 3ffe:2029:8400:0:1::1 | PING 3ffe:2029:8400:0:1::1(3ffe:2029:8400:0:1::1) from \ | 3ffe:2029:8400:0:1::2 : 56 data bytes | >From 3ffe:2029:8400:0:1::2 icmp_seq=3 Destination unreachable: Address \ | unreachable | | --(linux2219usagi: $:~)-- ip -6 neigh | --(linux2219usagi: $:~)-- | | (the same from the linux2219 box.) | and the same from the netbsd box. | however as soon as i ping the linux box from the openbsd box: | | --(openbsd: $:~)-- ping6 3ffe:2029:8400:0:1::2 | PING6(56=40+8+8 bytes) 3ffe:2029:8400:0:1::1 --> 3ffe:2029:8400:0:1::2 | 16 bytes from 3ffe:2029:8400:0:1::2, icmp_seq=5 hlim=64 time=27.794 ms | 16 bytes from 3ffe:2029:8400:0:1::2, icmp_seq=8 hlim=64 time=7.178 ms | --- 3ffe:2029:8400:0:1::2 ping6 statistics --- | 9 packets transmitted, 6 packets received, 33% packet loss | round-trip min/avg/max/std-dev = 2.870/517.059/2028.869/771.456 ms | | it makes the entries just fine and i can ping the other way around fine: | --(linux2219usagi: $:~)-- ip -6 neigh | 3ffe:2029:8400:0:1::1 dev eth0 lladdr 00:50:da:84:bf:49 router nud stale | fe80::250:daff:fe84:bf49 dev eth0 lladdr 00:50:da:84:bf:49 nud stale | | i did a tcpdump on the openbsd box, showing the linux2219usagi box | trying to ping the openbsd box: | --($:~)-- tcpdump -i xl0 -n proto ipv6-icmp | tcpdump: listening on xl0 | 17:36:55.462827 3ffe:2029:8400:0:1::2 > ff02::1:ff00:1: icmp6: neighbor | sol: who has 3ffe:2029:8400:0:1::1 | 17:36:56.462734 3ffe:2029:8400:0:1::2 > ff02::1:ff00:1: icmp6: neighbor | sol: who has 3ffe:2029:8400:0:1::1 | | so i now have exactly the same problem with the netbsd box as well. ping | between the boxes netbsd, linux2219, linux2219usagi works. ping to | the openbsd bridge from one of the boxes does not work. when i ping from | the openbsd box to one of the boxes it works. after that, the back-ping | does work too!! | | so it definitly seems to be some openbsd problem. (is it the bridge that | makes problems? i will try this on wendesday when i got console access | to that firewall box) | | i hope you have an idea, thank you and greetz | | Flavio | -- | http://no-way.org/~fcu/ | | _______________________________________________ | 6bone mailing list | 6bone@mailman.isi.edu | http://mailman.isi.edu/mailman/listinfo/6bone -- ---------- - - - - -+- - - - - ---------- Pim van Pelt Email: pim@ipng.nl http://www.ipng.nl/ IPv6 Deployment ----------------------------------------------- From lists.fcu@no-way.org Thu Sep 12 09:55:10 2002 From: lists.fcu@no-way.org (Flavio Curti) Date: Thu, 12 Sep 2002 10:55:10 +0200 Subject: [6bone] ipv6 setup question In-Reply-To: <20020912070332.GE28853@bfib.colo.bit.nl> References: <20020911155058.GL17048@no-way.org> <20020912070332.GE28853@bfib.colo.bit.nl> Message-ID: <20020912085510.GN17048@no-way.org> On Thu, Sep 12, 2002 at 09:03:32AM +0200, Pim van Pelt wrote: > Hoi, > > Smoe year or so ago I had the same problem, but with Riverstone as a > bridge. Check to see if it handles multicast properly. I see your paste > with the linux/usagi boxes doing a neighbor sollicitation. This is like okay, ill check multicast possibilty of the bridge on the openbsd mailinglist. > I'm interrested to see if your NS reaches xl1 and xl0 on the OpenBSD > box. Please tcpdump them when you are trying an NS from the backend > (xl1) LAN. the tcpdump you see was done on the xl0 interface on the openbsd box. (this is the interface 'the farest away') so it does reach the openbsd box, but somehow the kernel does not think its for him... hmmmmppp > My bet is, the OpenBSD kernel never gets the neighbor sollicitation and > therefor cannot answer with a neighbor advertisement, so the client > boxes never know which linklocal address (and MAC adres) to send the > ICMPv6 echo packet to. yup... > The other way around, is trivial. The OpenBSD box does send out a NS my thoughts. > I hope this is somewhat clear :) Check if the bridge forwards NS > properly and while you're at it, check to see if it bridges router > advertisement/sollicitation (RA/RS). okay, i will check that... (which i doubt, i tried using rtadvd which didn't work...) thank you very much & greetz Flavio -- http://no-way.org/~fcu/ From pekkas@netcore.fi Fri Sep 13 05:48:53 2002 From: pekkas@netcore.fi (Pekka Savola) Date: Fri, 13 Sep 2002 07:48:53 +0300 (EEST) Subject: [6bone] Re: [ga] Overcoming IPv6 Security Threat In-Reply-To: <3D81708A.556A9B23@ix.netcom.com> Message-ID: On Thu, 12 Sep 2002, Jeff Williams wrote: > Joe and all assembly members other interested parties, > > Thanks Joe for passing this interesting and very accurate article. Hmm.. > It is good that also Jim FLemings IPv8 got a little well deserved > attention as well. Kudos to Jim there! You must be kidding! -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords From gmonroe@ku.edu Fri Sep 13 15:30:09 2002 From: gmonroe@ku.edu (gmonroe) Date: Fri, 13 Sep 2002 09:30:09 -0500 Subject: [6bone] Domain Registration Message-ID: <000401c25b32$10473630$c8107c18@xp> This is a multi-part message in MIME format. ------=_NextPart_000_0005_01C25B08.27712E30 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit I am a newbie to the 6bone, and I have a question about domain registration. Does icann support ipv6 addresses for domain servers? In other words, could I go to my local domain registrar and provide my IPv6 addresses for my DNS servers and have these resolve properly? Thanks for the help. ------=_NextPart_000_0005_01C25B08.27712E30 Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

I am a newbie to the 6bone, and I have a question = about domain registration.  Does = icann support ipv6 addresses for domain = servers?  In other words, could I go to = my local domain registrar and provide my IPv6 addresses for my DNS servers and have = these resolve properly? Thanks for the help.

------=_NextPart_000_0005_01C25B08.27712E30-- From cdel@firsthand.net Fri Sep 13 16:02:35 2002 From: cdel@firsthand.net (Christian de Larrinaga) Date: Fri, 13 Sep 2002 16:02:35 +0100 Subject: [6bone] proposal for transfer of 6bone address management responsibilities to RIRs In-Reply-To: <20020823212258.E27015@Space.Net> Message-ID: Jordi > > Right now, it's important to push IPv6, but in the long run, I *want* > restrictions on "who can get IPv6 blocks from the RIR". > > > I always say IPv6 is FREEDOM, and following the same rule as in IPv4, > > it WILL NOT BE. If IPv6 addresses are "free" in the sense you describe how do they get re allocated when say a device dies or a home user moves on? Christian de Larrinaga From galania@ipv6.inictel.gob.pe Fri Sep 13 18:23:09 2002 From: galania@ipv6.inictel.gob.pe (Gino Francisco Alania Hurtado) Date: Fri, 13 Sep 2002 12:23:09 -0500 Subject: [6bone] bind 9 Message-ID: <3D821EFD.8090205@ipv6.inictel.gob.pe> Somebody profit to form bind 9 for ipv6? so that it can help me From rain@bluecherry.net Sat Sep 14 02:45:37 2002 From: rain@bluecherry.net (Ben Winslow) Date: Fri, 13 Sep 2002 20:45:37 -0500 Subject: [6bone] Call for help: Multicast over tunneled ipv6 Message-ID: <20020913204537.10ae84e8.rain@bluecherry.net> --=.1AG'lF:iRT4z_v Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Has anyone had any luck using multicast over a tunneled v6 connection? Everything works on the local ethernet segment (of course), but I can't get past the router--the other end doesn't see any of the multicast packets. (I was testing with an ipv6ip tunnel to another site in this case) It's quite possible that I don't have the router set up correctly, but I don't know what I'm doing wrong if that's the case. I've been browing assorted multicast docs on cisco's site, and *as far as I know*, I have everything configured correctly. Can anyone suggest any possible 'gotchas' or condensed guides? Some details: Router: Cisco IOS Version 12.2(8)T5 Nodes on each end: Linux 2.4.x (16 <= x <= 19) IPv6 on the local ethernet segment is native until the router Router connects to the world with 6to4 Test nodes were connected by means of native ipv6 -> router -> ipv6ip over v4 internet -> ipv6 sit interface in Linux I'd be happy to provide configuration snippets or other details if they'll help. -- Ben Winslow (rain@bluecherry.net) : Time is the best System Administrator : teacher--unfortunately, it kills Bluecherry Internet Services : all of its students. http://www.bluecherry.net/ : (573) 592-0800 : --=.1AG'lF:iRT4z_v Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9gpTE2/SfDQAyrVERAk5JAKC7JrjcdxRL0w/frrGFpVUoi7I+wgCgoLPN gha9sXzbYW5cUaNMh8htudw= =mVIb -----END PGP SIGNATURE----- --=.1AG'lF:iRT4z_v-- From anil.bhaskar@wipro.com Sat Sep 14 05:08:09 2002 From: anil.bhaskar@wipro.com (Anil B) Date: Sat, 14 Sep 2002 09:38:09 +0530 Subject: [6bone] bind 9 In-Reply-To: <3D821EFD.8090205@ipv6.inictel.gob.pe> Message-ID: <001201c25ba4$5663cb20$1a14c80a@wipro.com> This is a multi-part message in MIME format. ------=_NextPartTM-000-cf9d3db2-e1b7-4357-9bba-b5bed8c1bd34 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Yes I have installed bind 9 in Linux and Windows and it is working fine for forward and reverse DNS IPv6. Best Regards, Anil B. Wipro Tech. Bangalore India -----Original Message----- From: 6bone-admin@mailman.isi.edu [mailto:6bone-admin@mailman.isi.edu] On Behalf Of Gino Francisco Alania Hurtado Sent: Friday, September 13, 2002 10:53 PM To: 6bone@mailman.isi.edu; usagi-users@linux-ipv6.org Subject: [6bone] bind 9 Somebody profit to form bind 9 for ipv6? so that it can help me _______________________________________________ 6bone mailing list 6bone@mailman.isi.edu http://mailman.isi.edu/mailman/listinfo/6bone ------=_NextPartTM-000-cf9d3db2-e1b7-4357-9bba-b5bed8c1bd34 Content-Type: text/plain; name="Wipro_Disclaimer.txt" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="Wipro_Disclaimer.txt" **************************Disclaimer************************************ Information contained in this E-MAIL being proprietary to Wipro Limited is 'privileged' and 'confidential' and intended for use only by the individual or entity to which it is addressed. You are notified that any use, copying or dissemination of the information contained in the E-MAIL in any manner whatsoever is strictly prohibited. *************************************************************************** ------=_NextPartTM-000-cf9d3db2-e1b7-4357-9bba-b5bed8c1bd34-- From kim@tac.nyc.ny.us Sat Sep 14 06:17:25 2002 From: kim@tac.nyc.ny.us (Kimmo Suominen) Date: Sat, 14 Sep 2002 01:17:25 -0400 Subject: [6bone] Call for help: Multicast over tunneled ipv6 In-Reply-To: <20020913204537.10ae84e8.rain@bluecherry.net> from Ben Winslow on Fri, 13 Sep 2002 20:45:37 -0500 References: <20020913204537.10ae84e8.rain@bluecherry.net> Message-ID: <20020914051725.9451C7E4C@beowulf.gw.com> I was just looking at this the other day, and I didn't see a "ipv6 multicast-routing" command (analogous to "ip multicast-routing") on IOS 12.2(11)T. Which made me think it doesn't do multicast over ipv6 at all. Regards, + Kim | From: Ben Winslow | Date: Fri, 13 Sep 2002 20:45:37 -0500 | | Has anyone had any luck using multicast over a tunneled v6 connection? | Everything works on the local ethernet segment (of course), but I can't | get past the router--the other end doesn't see any of the multicast | packets. (I was testing with an ipv6ip tunnel to another site in this | case) | | It's quite possible that I don't have the router set up correctly, but I | don't know what I'm doing wrong if that's the case. I've been browing | assorted multicast docs on cisco's site, and *as far as I know*, I have | everything configured correctly. | | Can anyone suggest any possible 'gotchas' or condensed guides? | | Some details: | Router: Cisco IOS Version 12.2(8)T5 | Nodes on each end: Linux 2.4.x (16 <= x <= 19) | | IPv6 on the local ethernet segment is native until the router | Router connects to the world with 6to4 | Test nodes were connected by means of native ipv6 -> router -> ipv6ip | over v4 internet -> ipv6 sit interface in Linux | | I'd be happy to provide configuration snippets or other details if | they'll help. | | -- | Ben Winslow (rain@bluecherry.net) : Time is the best | System Administrator : teacher--unfortunately, it kills | Bluecherry Internet Services : all of its students. | http://www.bluecherry.net/ : | (573) 592-0800 : From jorgen@hovland.cx Sat Sep 14 12:01:33 2002 From: jorgen@hovland.cx (=?iso-8859-1?Q?J=F8rgen_Hovland?=) Date: Sat, 14 Sep 2002 13:01:33 +0200 Subject: [6bone] Call for help: Multicast over tunneled ipv6 References: <20020913204537.10ae84e8.rain@bluecherry.net> Message-ID: <001c01c25bde$1786e920$1b29b3d5@hera> You didnt give much information like if you are using dvmrp tunnels etc.. Your cisco is in front of the linuxmachine on a seperate interface which does the tunneling? LAN1 <-> cisco <-> linux LAN2 <-> tunnel <-> linux <-> LAN3 ? Are all the nodes in the same domain ? How is your pim configuration set? joergen hovland ----- Original Message ----- From: "Ben Winslow" To: "6BONE List" <6bone@ISI.EDU> Sent: Saturday, September 14, 2002 3:45 AM Subject: [6bone] Call for help: Multicast over tunneled ipv6 Has anyone had any luck using multicast over a tunneled v6 connection? Everything works on the local ethernet segment (of course), but I can't get past the router--the other end doesn't see any of the multicast packets. (I was testing with an ipv6ip tunnel to another site in this case) It's quite possible that I don't have the router set up correctly, but I don't know what I'm doing wrong if that's the case. I've been browing assorted multicast docs on cisco's site, and *as far as I know*, I have everything configured correctly. Can anyone suggest any possible 'gotchas' or condensed guides? Some details: Router: Cisco IOS Version 12.2(8)T5 Nodes on each end: Linux 2.4.x (16 <= x <= 19) IPv6 on the local ethernet segment is native until the router Router connects to the world with 6to4 Test nodes were connected by means of native ipv6 -> router -> ipv6ip over v4 internet -> ipv6 sit interface in Linux I'd be happy to provide configuration snippets or other details if they'll help. -- Ben Winslow (rain@bluecherry.net) : Time is the best System Administrator : teacher--unfortunately, it kills Bluecherry Internet Services : all of its students. http://www.bluecherry.net/ : (573) 592-0800 : From gert@space.net Mon Sep 16 08:21:26 2002 From: gert@space.net (Gert Doering) Date: Mon, 16 Sep 2002 09:21:26 +0200 Subject: [6bone] Domain Registration In-Reply-To: <000401c25b32$10473630$c8107c18@xp>; from gmonroe@ku.edu on Fri, Sep 13, 2002 at 09:30:09AM -0500 References: <000401c25b32$10473630$c8107c18@xp> Message-ID: <20020916092125.J80239@Space.Net> Hi, On Fri, Sep 13, 2002 at 09:30:09AM -0500, gmonroe wrote: > I am a newbie to the 6bone, and I have a question about domain > registration. Does icann support ipv6 addresses for domain servers? In > other words, could I go to my local domain registrar and provide my IPv6 > addresses for my DNS servers and have these resolve properly? Thanks for > the help. Well, actually it's not "ICANN" that has to support this, but your local registrar. For some TLDs, they don't support v6 glue records yet (.DE, for example), for others, it has been announced a while ago (NSI for .com/.net/.org) but I haven't seen any evidence that it's actually supported by now. So the best approach would be to actually talk to your registrar about what exactly you want to achieve, and then report your findings to us :) Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46861 (46812) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From bjorn.lindgren@pharmacia.com Mon Sep 16 08:28:42 2002 From: bjorn.lindgren@pharmacia.com (LINDGREN, BJORN [IT/0454]) Date: Mon, 16 Sep 2002 03:28:42 -0400 Subject: [6bone] Call for help: Multicast over tunneled ipv6 Message-ID: AFAIK Cisco IOS does not support IPv6 multicast other than MBGP in the production images. No PIM-SM/PIM-DM/MSDP/MLDv2 for IPv6. There exists a development/beta image with IPv6 Multicast support IIRC. Maybe someone how knows better can clarify. // B -----Original Message----- From: Jørgen Hovland [mailto:jorgen@hovland.cx] Sent: den 14 september 2002 13:02 To: Ben Winslow; 6BONE List Subject: Re: [6bone] Call for help: Multicast over tunneled ipv6 You didnt give much information like if you are using dvmrp tunnels etc.. Your cisco is in front of the linuxmachine on a seperate interface which does the tunneling? LAN1 <-> cisco <-> linux LAN2 <-> tunnel <-> linux <-> LAN3 ? Are all the nodes in the same domain ? How is your pim configuration set? joergen hovland ----- Original Message ----- From: "Ben Winslow" To: "6BONE List" <6bone@ISI.EDU> Sent: Saturday, September 14, 2002 3:45 AM Subject: [6bone] Call for help: Multicast over tunneled ipv6 Has anyone had any luck using multicast over a tunneled v6 connection? Everything works on the local ethernet segment (of course), but I can't get past the router--the other end doesn't see any of the multicast packets. (I was testing with an ipv6ip tunnel to another site in this case) It's quite possible that I don't have the router set up correctly, but I don't know what I'm doing wrong if that's the case. I've been browing assorted multicast docs on cisco's site, and *as far as I know*, I have everything configured correctly. Can anyone suggest any possible 'gotchas' or condensed guides? Some details: Router: Cisco IOS Version 12.2(8)T5 Nodes on each end: Linux 2.4.x (16 <= x <= 19) IPv6 on the local ethernet segment is native until the router Router connects to the world with 6to4 Test nodes were connected by means of native ipv6 -> router -> ipv6ip over v4 internet -> ipv6 sit interface in Linux I'd be happy to provide configuration snippets or other details if they'll help. -- Ben Winslow (rain@bluecherry.net) : Time is the best System Administrator : teacher--unfortunately, it kills Bluecherry Internet Services : all of its students. http://www.bluecherry.net/ : (573) 592-0800 : _______________________________________________ 6bone mailing list 6bone@mailman.isi.edu http://mailman.isi.edu/mailman/listinfo/6bone From gert@space.net Mon Sep 16 08:48:39 2002 From: gert@space.net (Gert Doering) Date: Mon, 16 Sep 2002 09:48:39 +0200 Subject: [6bone] Call for help: Multicast over tunneled ipv6 In-Reply-To: <20020914051725.9451C7E4C@beowulf.gw.com>; from kim@tac.nyc.ny.us on Sat, Sep 14, 2002 at 01:17:25AM -0400 References: <20020913204537.10ae84e8.rain@bluecherry.net> <20020914051725.9451C7E4C@beowulf.gw.com> Message-ID: <20020916094839.N80239@Space.Net> Hi, On Sat, Sep 14, 2002 at 01:17:25AM -0400, Kimmo Suominen wrote: > I was just looking at this the other day, and I didn't see a "ipv6 > multicast-routing" command (analogous to "ip multicast-routing") > on IOS 12.2(11)T. Which made me think it doesn't do multicast over > ipv6 at all. Seconded. As far as I know, there is no Cisco IOS version with IPv6 multicast routing available yet. (Maybe internally, but no 12.2T) Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46861 (46812) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From pekkas@netcore.fi Mon Sep 16 14:59:52 2002 From: pekkas@netcore.fi (Pekka Savola) Date: Mon, 16 Sep 2002 16:59:52 +0300 (EEST) Subject: [6bone] Call for help: Multicast over tunneled ipv6 In-Reply-To: Message-ID: On Mon, 16 Sep 2002, LINDGREN, BJORN [IT/0454] wrote: > AFAIK Cisco IOS does not support IPv6 multicast other than MBGP in the > production images. No, v6 MBGP (for multicast routes) is not supported. > No PIM-SM/PIM-DM/MSDP/MLDv2 for IPv6. There exists a development/beta image > with IPv6 Multicast support IIRC. Yes. > -----Original Message----- > From: Jørgen Hovland [mailto:jorgen@hovland.cx] > Sent: den 14 september 2002 13:02 > To: Ben Winslow; 6BONE List > Subject: Re: [6bone] Call for help: Multicast over tunneled ipv6 > > > You didnt give much information like if you are using dvmrp tunnels etc.. > Your cisco is in front of the linuxmachine on a seperate interface which > does the tunneling? > LAN1 <-> cisco <-> linux LAN2 <-> tunnel <-> linux <-> LAN3 ? > Are all the nodes in the same domain ? How is your pim configuration set? > > > joergen hovland > > ----- Original Message ----- > From: "Ben Winslow" > To: "6BONE List" <6bone@ISI.EDU> > Sent: Saturday, September 14, 2002 3:45 AM > Subject: [6bone] Call for help: Multicast over tunneled ipv6 > > Has anyone had any luck using multicast over a tunneled v6 connection? > Everything works on the local ethernet segment (of course), but I can't > get past the router--the other end doesn't see any of the multicast > packets. (I was testing with an ipv6ip tunnel to another site in this > case) > > It's quite possible that I don't have the router set up correctly, but I > don't know what I'm doing wrong if that's the case. I've been browing > assorted multicast docs on cisco's site, and *as far as I know*, I have > everything configured correctly. > > Can anyone suggest any possible 'gotchas' or condensed guides? > > Some details: > Router: Cisco IOS Version 12.2(8)T5 > Nodes on each end: Linux 2.4.x (16 <= x <= 19) > > IPv6 on the local ethernet segment is native until the router > Router connects to the world with 6to4 > Test nodes were connected by means of native ipv6 -> router -> ipv6ip > over v4 internet -> ipv6 sit interface in Linux > > I'd be happy to provide configuration snippets or other details if > they'll help. > > -- Pekka Savola "Tell me of difficulties surmounted, Netcore Oy not those you stumble over and fall" Systems. Networks. Security. -- Robert Jordan: A Crown of Swords From pgrosset@cisco.com Mon Sep 16 15:16:51 2002 From: pgrosset@cisco.com (Patrick Grossetete) Date: Mon, 16 Sep 2002 16:16:51 +0200 Subject: [6bone] Call for help: Multicast over tunneled ipv6 In-Reply-To: Message-ID: <4.3.2.7.2.20020916161533.017f2ee8@europe.cisco.com> There is no IPv6 Multicast support on Cisco IOS production images, only IPv6 Unicast address family is currently included in MBGP. Regards Patrick At 03:28 AM 16-09-02 -0400, LINDGREN, BJORN [IT/0454] wrote: >AFAIK Cisco IOS does not support IPv6 multicast other than MBGP in the >production images. >No PIM-SM/PIM-DM/MSDP/MLDv2 for IPv6. There exists a development/beta image >with IPv6 Multicast support IIRC. > >Maybe someone how knows better can clarify. > >// B > >-----Original Message----- >From: Jørgen Hovland [mailto:jorgen@hovland.cx] >Sent: den 14 september 2002 13:02 >To: Ben Winslow; 6BONE List >Subject: Re: [6bone] Call for help: Multicast over tunneled ipv6 > > >You didnt give much information like if you are using dvmrp tunnels etc.. >Your cisco is in front of the linuxmachine on a seperate interface which >does the tunneling? >LAN1 <-> cisco <-> linux LAN2 <-> tunnel <-> linux <-> LAN3 ? >Are all the nodes in the same domain ? How is your pim configuration set? > > >joergen hovland > >----- Original Message ----- >From: "Ben Winslow" >To: "6BONE List" <6bone@ISI.EDU> >Sent: Saturday, September 14, 2002 3:45 AM >Subject: [6bone] Call for help: Multicast over tunneled ipv6 > >Has anyone had any luck using multicast over a tunneled v6 connection? >Everything works on the local ethernet segment (of course), but I can't >get past the router--the other end doesn't see any of the multicast >packets. (I was testing with an ipv6ip tunnel to another site in this >case) > >It's quite possible that I don't have the router set up correctly, but I >don't know what I'm doing wrong if that's the case. I've been browing >assorted multicast docs on cisco's site, and *as far as I know*, I have >everything configured correctly. > >Can anyone suggest any possible 'gotchas' or condensed guides? > >Some details: >Router: Cisco IOS Version 12.2(8)T5 >Nodes on each end: Linux 2.4.x (16 <= x <= 19) > >IPv6 on the local ethernet segment is native until the router >Router connects to the world with 6to4 >Test nodes were connected by means of native ipv6 -> router -> ipv6ip >over v4 internet -> ipv6 sit interface in Linux > >I'd be happy to provide configuration snippets or other details if >they'll help. > >-- >Ben Winslow (rain@bluecherry.net) : Time is the best > System Administrator : teacher--unfortunately, it kills > Bluecherry Internet Services : all of its students. > http://www.bluecherry.net/ : > (573) 592-0800 : > > >_______________________________________________ >6bone mailing list >6bone@mailman.isi.edu >http://mailman.isi.edu/mailman/listinfo/6bone >_______________________________________________ >6bone mailing list >6bone@mailman.isi.edu >http://mailman.isi.edu/mailman/listinfo/6bone ____________________________________________ Patrick Grossetete Cisco Systems Internet Technology Division (ITD) - Product Manager Phone/Vmail: 33.1.58.04.61.52 Fax: 33.1.58.04.61.00 mobile: 33.6.19.98.51.31 Email:pgrosset@cisco.com 11 Rue Camille Desmoulins 92782 Issy les Moulineaux Cedex 9 France ____________________________________________ From Nick Kraal Tue Sep 17 11:56:36 2002 From: Nick Kraal (Nick Kraal) Date: Tue, 17 Sep 2002 18:56:36 +0800 Subject: [6bone] IPv6 and FreeBSD References: <4.3.2.7.2.20020916161533.017f2ee8@europe.cisco.com> Message-ID: <012401c25e38$e49450e0$53e173cb@arc.net.my> I hope that this is not OTT on this mailing-list. I am trying to implement a simple IPv6 gateway on FreeBSD. This box has three interfaces xl0,ep1 and gif0. xl0 is connected to a v4 network and runs fine. gif0 is a IPv4 tunneled interface to the existing IPv6 router. The ep1 interface is to a switch where I am trying to construct a pure IPv6 network 2001:FFFF:B405:2::/64. IPv6 connectivity from the box seems to be working fine but I am a bit stuck on the RA portion running on interface ep1. Can this work or must I install Zebra. Any ideas/hints/pointers will be greatly appreciated. Thanks in advance. -nick/ ...from the IPv6 router: ipv6 route 2001:FFFF:B405::/48 Tunnel 5 ...from /etc/rc.conf # ---IPv6 router config--- ipv6_enable="YES" ipv6_static_routes="default" ipv6_route_default="default -interface gif0" ipv6_gateway_enable="YES" ipv6_network_interfaces="xl0 ep1" ipv6_prefix_xl0="2001:FFFF:B405:1 prefixlen 64" ipv6_prefix_ep1="2001:FFFF:B405:2 prefixlen 64" gif_interfaces="gif0" prefixcmd="YES" rtadvd_enable="YES" rtadvd_interfaces="ep1" gifconfig_gif0="200.100.200.110 200.100.220.12" ifconifg_xl0_alias0="2001:FFFF:B405:1::1 prefixlen 64" ifconifg_ep1_alias0="2001:FFFF:B405:2::1 prefixlen 64" From rivero@el-mundo.net Tue Sep 17 15:00:57 2002 From: rivero@el-mundo.net (Raul Rivero) Date: Tue, 17 Sep 2002 16:00:57 +0200 (CEST) Subject: [6bone] IPv6 and FreeBSD In-Reply-To: <012401c25e38$e49450e0$53e173cb@arc.net.my> Message-ID: On Tue, 17 Sep 2002, Nick Kraal wrote: > I hope that this is not OTT on this mailing-list. > > I am trying to implement a simple IPv6 gateway on FreeBSD. This box has > three interfaces xl0,ep1 and gif0. xl0 is connected to a v4 network and runs > fine. gif0 is a IPv4 tunneled interface to the existing IPv6 router. The ep1 > interface is to a switch where I am trying to construct a pure IPv6 network > 2001:FFFF:B405:2::/64. IPv6 connectivity from the box seems to be working > fine but I am a bit stuck on the RA portion running on interface ep1. Can > this work or must I install Zebra. Any ideas/hints/pointers will be greatly > appreciated. > It's in spanish but you could read: (ipv4) http://imasd.elmundo.es/imasd/ipv6/cfg/router-freebsd.html (ipv6) http://imasd.ipv6.elmundo.es/imasd/ipv6/cfg/router-freebsd.html Regards. > Thanks in advance. > > -nick/ > > ...from the IPv6 router: > ipv6 route 2001:FFFF:B405::/48 Tunnel 5 > > ...from /etc/rc.conf > # ---IPv6 router config--- > ipv6_enable="YES" > ipv6_static_routes="default" > ipv6_route_default="default -interface gif0" > ipv6_gateway_enable="YES" > ipv6_network_interfaces="xl0 ep1" > ipv6_prefix_xl0="2001:FFFF:B405:1 prefixlen 64" > ipv6_prefix_ep1="2001:FFFF:B405:2 prefixlen 64" > gif_interfaces="gif0" > prefixcmd="YES" > rtadvd_enable="YES" > rtadvd_interfaces="ep1" > gifconfig_gif0="200.100.200.110 200.100.220.12" > ifconifg_xl0_alias0="2001:FFFF:B405:1::1 prefixlen 64" > ifconifg_ep1_alias0="2001:FFFF:B405:2::1 prefixlen 64" > > > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone > -- Raul Rivero | Mundinteractivos - El Mundo | Director Tecnico | Pradillo, 42 | raul.rivero@elmundo.es | 28002 - Madrid (SPAIN, EU) | http://www.elmundo.es/ | Tel: (+34) 915856018 | From pim@ipng.nl Thu Sep 19 07:42:08 2002 From: pim@ipng.nl (Pim van Pelt) Date: Thu, 19 Sep 2002 08:42:08 +0200 Subject: [6bone] IPv6 and FreeBSD In-Reply-To: <012401c25e38$e49450e0$53e173cb@arc.net.my> References: <4.3.2.7.2.20020916161533.017f2ee8@europe.cisco.com> <012401c25e38$e49450e0$53e173cb@arc.net.my> Message-ID: <20020919064208.GH4524@bfib.colo.bit.nl> On Tue, Sep 17, 2002 at 06:56:36PM +0800, Nick Kraal wrote: | I hope that this is not OTT on this mailing-list. It's not off topic at all. | I am trying to implement a simple IPv6 gateway on FreeBSD. This box has | three interfaces xl0,ep1 and gif0. xl0 is connected to a v4 network and runs | fine. gif0 is a IPv4 tunneled interface to the existing IPv6 router. The ep1 | interface is to a switch where I am trying to construct a pure IPv6 network | 2001:FFFF:B405:2::/64. IPv6 connectivity from the box seems to be working | fine but I am a bit stuck on the RA portion running on interface ep1. Can | this work or must I install Zebra. Any ideas/hints/pointers will be greatly | appreciated. For FreeBSD, you should look at your sysctl variable in net.inet6.ip6.accept_rtadv and set it to 0. Then look at net.inet6.ip6.forwarding and set that to 1. Then man rtadvd and simply type 'rtadvd ep1'. The machine will read the prefix info (apparently 2001:FFFF:B405:2::/64 which is a hijacked IPv6 inet6num by the way, which you should _not_ be doing), and start periodically sending RA on this link. In addition, rtadvd listens for incoming router sollicitations from the ep1 interface and will answer these with an RA. Good luck! groet, Pim | | Thanks in advance. | | -nick/ | | ...from the IPv6 router: | ipv6 route 2001:FFFF:B405::/48 Tunnel 5 | | ...from /etc/rc.conf | # ---IPv6 router config--- | ipv6_enable="YES" | ipv6_static_routes="default" | ipv6_route_default="default -interface gif0" | ipv6_gateway_enable="YES" | ipv6_network_interfaces="xl0 ep1" | ipv6_prefix_xl0="2001:FFFF:B405:1 prefixlen 64" | ipv6_prefix_ep1="2001:FFFF:B405:2 prefixlen 64" | gif_interfaces="gif0" | prefixcmd="YES" | rtadvd_enable="YES" | rtadvd_interfaces="ep1" | gifconfig_gif0="200.100.200.110 200.100.220.12" | ifconifg_xl0_alias0="2001:FFFF:B405:1::1 prefixlen 64" | ifconifg_ep1_alias0="2001:FFFF:B405:2::1 prefixlen 64" | | | _______________________________________________ | 6bone mailing list | 6bone@mailman.isi.edu | http://mailman.isi.edu/mailman/listinfo/6bone -- ---------- - - - - -+- - - - - ---------- Pim van Pelt Email: pim@ipng.nl http://www.ipng.nl/ IPv6 Deployment ----------------------------------------------- From dlc-6bone@halibut.com Thu Sep 19 15:32:03 2002 From: dlc-6bone@halibut.com (David Carmean) Date: Thu, 19 Sep 2002 07:32:03 -0700 Subject: [6bone] Commercial IPv6-ready firewall products? Message-ID: <20020919073203.B18867@halibut.com> Greetings, Are there yet any commercially-supported firewall products with support for IPv6, both tunnelled and native? From gert@space.net Thu Sep 19 16:10:23 2002 From: gert@space.net (Gert Doering) Date: Thu, 19 Sep 2002 17:10:23 +0200 Subject: [6bone] Commercial IPv6-ready firewall products? In-Reply-To: <20020919073203.B18867@halibut.com>; from dlc-6bone@halibut.com on Thu, Sep 19, 2002 at 07:32:03AM -0700 References: <20020919073203.B18867@halibut.com> Message-ID: <20020919171023.H80239@Space.Net> Hi, On Thu, Sep 19, 2002 at 07:32:03AM -0700, David Carmean wrote: > Are there yet any commercially-supported firewall products with support > for IPv6, both tunnelled and native? Checkpoint has announced IPv6 support for "September 2002" (search for IPv6 on www.checkpoint.com for the press release). It's not there yet, though. Cisco PIX and Netscreen are scheduled for "Q1/2003"... Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 46861 (46812) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From pim@ipng.nl Thu Sep 19 16:39:49 2002 From: pim@ipng.nl (Pim van Pelt) Date: Thu, 19 Sep 2002 17:39:49 +0200 Subject: [6bone] Commercial IPv6-ready firewall products? In-Reply-To: <20020919073203.B18867@halibut.com> References: <20020919073203.B18867@halibut.com> Message-ID: <20020919153949.GA1754@bfib.colo.bit.nl> | Are there yet any commercially-supported firewall products with support | for IPv6, both tunnelled and native? Juniper. Perhaps Cisco also has some filtering on board, but the last time I checked neither Juniper nor Cisco had any filtering capabilities for IPv6. Mind you, Juniper JunOS 5.4 and up have line-rate ASIC based filtering on board on any interface type. groet, Pim -- ---------- - - - - -+- - - - - ---------- Pim van Pelt Email: pim@ipng.nl http://www.ipng.nl/ IPv6 Deployment ----------------------------------------------- From itojun@iijlab.net Thu Sep 19 16:44:14 2002 From: itojun@iijlab.net (Jun-ichiro itojun Hagino) Date: Fri, 20 Sep 2002 00:44:14 +0900 Subject: [6bone] Commercial IPv6-ready firewall products? In-Reply-To: gert's message of Thu, 19 Sep 2002 17:10:23 +0200. <20020919171023.H80239@Space.Net> Message-ID: <20020919154414.D6A8D7BB@starfruit.itojun.org> >On Thu, Sep 19, 2002 at 07:32:03AM -0700, David Carmean wrote: >> Are there yet any commercially-supported firewall products with support >> for IPv6, both tunnelled and native? >Checkpoint has announced IPv6 support for "September 2002" (search for IPv6 >on www.checkpoint.com for the press release). It's not there yet, though. >Cisco PIX and Netscreen are scheduled for "Q1/2003"... not a commercial product, but OpenBSD PF works great. itojun From dlc-6bone@halibut.com Thu Sep 19 16:59:45 2002 From: dlc-6bone@halibut.com (David Carmean) Date: Thu, 19 Sep 2002 08:59:45 -0700 Subject: [6bone] Commercial IPv6-ready firewall products? In-Reply-To: <20020919154414.D6A8D7BB@starfruit.itojun.org>; from itojun@iijlab.net on Fri, Sep 20, 2002 at 12:44:14AM +0900 References: <20020919171023.H80239@Space.Net> <20020919154414.D6A8D7BB@starfruit.itojun.org> Message-ID: <20020919085945.A648@halibut.com> On Fri, Sep 20, 2002 at 12:44:14AM +0900, Jun-ichiro itojun Hagino wrote: > >On Thu, Sep 19, 2002 at 07:32:03AM -0700, David Carmean wrote: > >> Are there yet any commercially-supported firewall products with support > >> for IPv6, both tunnelled and native? > >Checkpoint has announced IPv6 support for "September 2002" (search for IPv6 > >on www.checkpoint.com for the press release). It's not there yet, though. > >Cisco PIX and Netscreen are scheduled for "Q1/2003"... > > not a commercial product, but OpenBSD PF works great. Absolutely, although I prefer Darren Reed's original IPF, on FreeBSD. I'm just looking for alternatives in case the manglers refuse to use something we can't pay someone they can blame^w^w^w to support it. W.R.T. the Juniper and Cisco ACL suggestions... at the very least I will insist on a stateful packet filter, if not stateful inspection. From atarashi@ebina.hitachi.co.jp Thu Sep 19 17:15:23 2002 From: atarashi@ebina.hitachi.co.jp (Yoshifumi Atarashi) Date: Fri, 20 Sep 2002 01:15:23 +0900 (JST) Subject: [6bone] Commercial IPv6-ready firewall products? In-Reply-To: <20020919153949.GA1754@bfib.colo.bit.nl> References: <20020919073203.B18867@halibut.com> <20020919153949.GA1754@bfib.colo.bit.nl> Message-ID: <20020920.011523.01372042.atarashi@ebina.hitachi.co.jp> From: Pim van Pelt Subject: Re: [6bone] Commercial IPv6-ready firewall products? Date: Thu, 19 Sep 2002 17:39:49 +0200 > | Are there yet any commercially-supported firewall products with support > | for IPv6, both tunnelled and native? > Juniper. Perhaps Cisco also has some filtering on board, but the last > time I checked neither Juniper nor Cisco had any filtering capabilities > for IPv6. > > Mind you, Juniper JunOS 5.4 and up have line-rate ASIC based filtering > on board on any interface type. Hitachi GR2000 already supported IPv6 hardware based filtering. http://www.internetworking.hitachi.com/index.shtml ---- Yoshifumi Atarashi From michel@arneill-py.sacramento.ca.us Thu Sep 19 22:03:33 2002 From: michel@arneill-py.sacramento.ca.us (Michel Py) Date: Thu, 19 Sep 2002 14:03:33 -0700 Subject: [6bone] Re: Commercial IPv6-ready firewall products? Message-ID: <2B81403386729140A3A899A8B39B046405E30C@server2000> > David Carmean wrote: > W.R.T. the Juniper and Cisco ACL suggestions... > at the very least I will insist on a stateful packet > filter, if not stateful inspection. I agree. Something like a reflexive access-list is a good beginning, but you can't really call something a firewall unless it has stateful inspection and goodies such as syn/ack detection. Michel. From daniel@unix.za.net Fri Sep 20 02:53:04 2002 From: daniel@unix.za.net (Daniel Schroder) Date: Fri, 20 Sep 2002 03:53:04 +0200 (SAST) Subject: [6bone] Re: Commercial IPv6-ready firewall products? In-Reply-To: <2B81403386729140A3A899A8B39B046405E30C@server2000> Message-ID: <20020920030538.G62365-100000@unix.za.net> Does anyone have a generic ip6fw firewall ruleset for ? I know about rc.firewall6 .. but I'm hoping to get a peek at a live on .. if not I'm going to sit this weekend and translate one :) --Daniel Schroder (Private email daniel@unix.os.org.za) Unix users .. South Africa To : dlc-6bone@halibut.com From : Michel Py date : Sep 19 Address : michel@arneill-py.sacramento.ca.us +27839904029@sms.co.za (A good friend will bail you out of jail,But your best friend will be sitting next to you saying: 'That was f*cking awesome!) On Thu, 19 Sep 2002, Michel Py wrote: > > David Carmean wrote: > > W.R.T. the Juniper and Cisco ACL suggestions... > > at the very least I will insist on a stateful packet > > filter, if not stateful inspection. > > I agree. Something like a reflexive access-list is a good beginning, but > you can't really call something a firewall unless it has stateful > inspection and goodies such as syn/ack detection. > > Michel. > > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone > From pim@ipng.nl Sun Sep 22 08:35:24 2002 From: pim@ipng.nl (Pim van Pelt) Date: Sun, 22 Sep 2002 09:35:24 +0200 Subject: [6bone] pTLA deallocation Message-ID: <20020922073524.GA18642@bfib.colo.bit.nl> Dear Bob, dear 6bone-community, On the 1st of March 2002, I was allocated 3ffe:8350::/28 from the 6bone for running a test deployment within Business Internet Trends, based in the Netherlands. Two months later, I requested an allocation from the RIPE-NCC and was allocated 2001:7b8::/35. Recently I transitioned the backbone network for this ISP from PDH to Ethernet over WDM and am succesfully running 4 gigabit WDM trunks from our hometown of Ede (NL) to the AMS-IX, spanning 90 km. After careful consideration by myself and the NOC people I represent, I have concluded that we no longer need the 6BONE allocation and that we are ready to provide commercial grade IPv6 connectivity to our colocation and dialup customers. I've removed the ip6.int files from our nameservers and retracted the BGP announcements for the /28 network sometime last week. I checked just now and see that the network no longer exists on 6BONE. That means I'm ready to officially give the allocation back to the registry. I would like to say thank-you to Bob F and to David K who were so supporting in rolling out IPv6 at AS12859. I hope your wine tasted ok, David. Some operational matters should perhaps be addressed. After removing DNS, BGP and all references within my network, apart from removing the objects in the 6BONE whois-db, are there other things to take care of ? Perhaps we can set up a checklist and stick it on www.6bone.net for other operators to take a look at when they return their 6BONE allocation in the future. Kind regards, Pim van Pelt -- ---------- - - - - -+- - - - - ---------- Pim van Pelt Email: pim@ipng.nl http://www.ipng.nl/ IPv6 Deployment ----------------------------------------------- From gert@space.net Mon Sep 23 16:10:27 2002 From: gert@space.net (Gert Doering) Date: Mon, 23 Sep 2002 17:10:27 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? Message-ID: <20020923171027.A74430@Space.Net> Hi, is ist just me...? $ dig whois.6bone.net any ... ;; ANSWER SECTION: whois.6bone.net. 1H IN A 192.103.19.12 is it a bug, or a mis-feature, that whois.6bone.net does not have IPv6 connectivity? Just wondering... Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 47095 (46861) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From owens@nysernet.org Mon Sep 23 17:02:08 2002 From: owens@nysernet.org (Bill Owens) Date: Mon, 23 Sep 2002 12:02:08 -0400 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <20020923171027.A74430@Space.Net> References: <20020923171027.A74430@Space.Net> Message-ID: At 17:10 +0200 9/23/02, Gert Doering wrote: >Hi, > >is ist just me...? > >$ dig whois.6bone.net any >... >;; ANSWER SECTION: >whois.6bone.net. 1H IN A 192.103.19.12 > >is it a bug, or a mis-feature, that whois.6bone.net does not have IPv6 >connectivity? There was some discussion back in February of getting v6 connectivity for that machine, but I don't recall seeing any updates. Is there a v6-capable WHOIS client available? Bill. From jeroen@unfix.org Mon Sep 23 17:04:14 2002 From: jeroen@unfix.org (Jeroen Massar) Date: Mon, 23 Sep 2002 18:04:14 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <20020923171027.A74430@Space.Net> Message-ID: <000901c2631a$ddb680e0$210d640a@unfix.org> Gert Doering > is ist just me...? > > $ dig whois.6bone.net any > ... > ;; ANSWER SECTION: > whois.6bone.net. 1H IN A 192.103.19.12 > > is it a bug, or a mis-feature, that whois.6bone.net does not have IPv6 > connectivity? That has $always been the case. A couple of weeks ago www.6bone.net only did v4 too :( On another note... since when is there the possibility for delegating 2002::/16 reverses ? 3.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nya.vihti.fi. 3.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nl.vihti.fi. 6.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nl.vihti.fi. 6.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nya.vihti.fi. odd SOA record though 20021402, month 14 ? I also noticed that f.5.ip6.int. NS ns.isi.edu. f.5.ip6.int. NS flag.ep.net. is still loaded onto the NS's and... *** ip6.int SOA record at ns.isi.edu is not authoritative Also nicely shown with: http://www.foobar.tm/dns/cache/ip6.int.png Greets, Jeroen From gert@space.net Mon Sep 23 17:07:12 2002 From: gert@space.net (Gert Doering) Date: Mon, 23 Sep 2002 18:07:12 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <000901c2631a$ddb680e0$210d640a@unfix.org>; from jeroen@unfix.org on Mon, Sep 23, 2002 at 06:04:14PM +0200 References: <20020923171027.A74430@Space.Net> <000901c2631a$ddb680e0$210d640a@unfix.org> Message-ID: <20020923180712.O80239@Space.Net> Hi, On Mon, Sep 23, 2002 at 06:04:14PM +0200, Jeroen Massar wrote: > Gert Doering > > is ist just me...? > > > > $ dig whois.6bone.net any > > ... > > ;; ANSWER SECTION: > > whois.6bone.net. 1H IN A 192.103.19.12 > > > > is it a bug, or a mis-feature, that whois.6bone.net does not have IPv6 > > connectivity? > > That has $always been the case. Hmmm. How to fix it? whois.6bone.net is located at Nokia, they have IPv6, should be doable... > A couple of weeks ago www.6bone.net only did v4 too :( But now they have nice and shiny IPv6 :-) > On another note... since when is there the possibility for delegating > 2002::/16 reverses ? > > 3.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nya.vihti.fi. > 3.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nl.vihti.fi. > 6.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nl.vihti.fi. > 6.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nya.vihti.fi. I'm not sure. In the last RIPE meetings, there was the wish to make it possible, but I haven't heard anything about it since then. > odd SOA record though 20021402, month 14 ? > > I also noticed that > f.5.ip6.int. NS ns.isi.edu. > f.5.ip6.int. NS flag.ep.net. > is still loaded onto the NS's and... Ooops. > *** ip6.int SOA record at ns.isi.edu is not authoritative I wouldn't mind too much if ip6.int could disappear quickly - *provided* the RIRs and IANA (and whoever) get their act together and make 3FFE reverse possible under ip6.arpa. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 47095 (46861) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From jeroen@unfix.org Mon Sep 23 17:25:01 2002 From: jeroen@unfix.org (Jeroen Massar) Date: Mon, 23 Sep 2002 18:25:01 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <20020923180712.O80239@Space.Net> Message-ID: <000a01c2631d$c48c84e0$210d640a@unfix.org> Gert Doering [mailto:gert@space.net] > Hi, > > On Mon, Sep 23, 2002 at 06:04:14PM +0200, Jeroen Massar wrote: > > Gert Doering > > > is ist just me...? > > > > > > $ dig whois.6bone.net any > > > ... > > > ;; ANSWER SECTION: > > > whois.6bone.net. 1H IN A 192.103.19.12 > > > > > > is it a bug, or a mis-feature, that whois.6bone.net does > not have IPv6 > > > connectivity? > > > > That has $always been the case. > > Hmmm. How to fix it? whois.6bone.net is located at Nokia, they have > IPv6, should be doable... If it's running from inetd it would be a sinch, otherwise some tunnel tools could do the trick (or read my netcat6 lips :) > > A couple of weeks ago www.6bone.net only did v4 too :( > > But now they have nice and shiny IPv6 :-) > > > On another note... since when is there the possibility for > delegating > > 2002::/16 reverses ? > > > > 3.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nya.vihti.fi. > > 3.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nl.vihti.fi. > > 6.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nl.vihti.fi. > > 6.0.0.d.d.e.3.c.2.0.0.2.ip6.int. 23h56m28s IN NS nya.vihti.fi. > > I'm not sure. In the last RIPE meetings, there was the wish to make > it possible, but I haven't heard anything about it since then. And nothing has been heared about it ever since indeed... So what's up with this ? > > odd SOA record though 20021402, month 14 ? > > > > I also noticed that > > f.5.ip6.int. NS ns.isi.edu. > > f.5.ip6.int. NS flag.ep.net. > > is still loaded onto the NS's and... > > Ooops. > > > *** ip6.int SOA record at ns.isi.edu is not authoritative > > I wouldn't mind too much if ip6.int could disappear quickly - > *provided* > the RIRs and IANA (and whoever) get their act together and make 3FFE > reverse possible under ip6.arpa. That 2002::/16 entry isn't visible under ip6.arpa.... Greets, Jeroen From Sascha Bielski Mon Sep 23 18:54:36 2002 From: Sascha Bielski (Sascha Bielski) Date: Mon, 23 Sep 2002 19:54:36 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: References: <20020923171027.A74430@Space.Net> Message-ID: <2-1177217218.20020923195436@rdns.de> Dear Bill Owens, > There was some discussion back in February of getting v6 connectivity > for that machine, but I don't recall seeing any updates. Is there a > v6-capable WHOIS client available? yes, telnet whoisserver 43. -- best regards, Sascha Bielski mailto:sb@rdns.de xs26.net German Coordination phone: +49 (0) 174 / 432 93 76 email: sb@rdns.de From md+6bone@Linux.IT Mon Sep 23 20:51:52 2002 From: md+6bone@Linux.IT (Marco d'Itri) Date: Mon, 23 Sep 2002 21:51:52 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: References: <20020923171027.A74430@Space.Net> Message-ID: <20020923195152.GA19592@wonderland.linux.it> On Sep 23, Bill Owens wrote: >There was some discussion back in February of getting v6 connectivity >for that machine, but I don't recall seeing any updates. Is there a >v6-capable WHOIS client available? Yes, since three years: http://www.bofh.it/~md/software/whois_4.5.29.tar.gz -- ciao, Marco From jeroen@unfix.org Mon Sep 23 21:52:10 2002 From: jeroen@unfix.org (Jeroen Massar) Date: Mon, 23 Sep 2002 22:52:10 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <2-1177217218.20020923195436@rdns.de> Message-ID: <003201c26343$1727d400$210d640a@unfix.org> Sascha Bielski wrote: > > There was some discussion back in February of getting v6 > connectivity > > for that machine, but I don't recall seeing any updates. Is there a > > v6-capable WHOIS client available? > > yes, telnet whoisserver 43. Even better default out of the box Debian*, FreeBSD** and NetBSD*** clients ;) * = The version I tested this with: Package: whois Version: 4.5.29 Maintainer: Marco d'Itri ** = FreeBSD 4.6+ (maybe lower) *** = NetBSD 1.6+ (maybe lower) 8<------------------------------ jeroen@purgatory:~$ whois -h whois.ipv6.sixxs.net LIM-SIXXS-TESTING % This is the SixXS Whois server. % SixXS - http://www.sixxs.net. % The objects are in RPSL format. % Objects not ending in -SIXXS are % cached from remote sources. limerick: LIM-SIXXS-TESTING description: This is the first test limerick description: inserted into the database text: Testing this thing text: made me sing text: I hope it will work text: and that the code wont bork text: nor ming admin-c: JRM1-RIPE author: JRM1-RIPE remarks: This object is generated from the SixXS database remarks: Abuse reports should go to abuse@sixxs.net remarks: Information can be found at http://www.sixxs.net/ changed: info@sixxs.net 20020819 mnt-by: SIXXS-MNT source: SIXXS ------------------------------>8 $ host -t any whois.ipv6.sixxs.net whois.ipv6.sixxs.net is an alias for noc.ipv6.sixxs.net. $ host -t any noc.ipv6.sixxs.net noc.ipv6.sixxs.net has AAAA address 3ffe:4007:1:1:210:dcff:fe20:7c7c No IPv4 there to connect too :) Greets, Jeroen From kre@munnari.OZ.AU Tue Sep 24 08:44:54 2002 From: kre@munnari.OZ.AU (Robert Elz) Date: Tue, 24 Sep 2002 14:44:54 +0700 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <000901c2631a$ddb680e0$210d640a@unfix.org> References: <000901c2631a$ddb680e0$210d640a@unfix.org> Message-ID: <24390.1032853494@munnari.OZ.AU> Date: Mon, 23 Sep 2002 18:04:14 +0200 From: "Jeroen Massar" Message-ID: <000901c2631a$ddb680e0$210d640a@unfix.org> | odd SOA record though 20021402, month 14 ? Serial numbers are just integers after all ... but a common reason for that kind of thing, is to correct (live with) a typo. Eg: If the serial number has a value like 20020708 and someone wants to change it to represent Aug 12th and makes it 20021208 instead of 20020812 ... rather than attempt to wind the numbers backwards, the months can just be left counting up. No idea if that is what happened, but it might have been. I have certainly done that before. | I also noticed that | f.5.ip6.int. NS ns.isi.edu. | f.5.ip6.int. NS flag.ep.net. | is still loaded onto the NS's and... Yes. I asked Bill Manning if it was not perhaps time to rid the world of that obsolete nonsense. He had some pathetic excuse for keeping it... | *** ip6.int SOA record at ns.isi.edu is not authoritative The ip6.int zone is transferred using TSIG. The key changed a while ago. Perhaps ns.isi.edu hasn't updated its key? Bill? kre From md+6bone@Linux.IT Tue Sep 24 16:34:53 2002 From: md+6bone@Linux.IT (Marco d'Itri) Date: Tue, 24 Sep 2002 17:34:53 +0200 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <003201c26343$1727d400$210d640a@unfix.org> References: <2-1177217218.20020923195436@rdns.de> <003201c26343$1727d400$210d640a@unfix.org> Message-ID: <20020924153453.GA1947@wonderland.linux.it> On Sep 23, Jeroen Massar wrote: >Even better default out of the box Debian*, FreeBSD** and NetBSD*** >clients ;) Mandrake Linux too, IIRC. -- ciao, Marco From david@IPRG.nokia.com Tue Sep 24 17:57:53 2002 From: david@IPRG.nokia.com (David Kessens) Date: Tue, 24 Sep 2002 09:57:53 -0700 Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <20020923180712.O80239@Space.Net>; from gert@space.net on Mon, Sep 23, 2002 at 06:07:12PM +0200 References: <20020923171027.A74430@Space.Net> <000901c2631a$ddb680e0$210d640a@unfix.org> <20020923180712.O80239@Space.Net> Message-ID: <20020924095753.D2518@iprg.nokia.com> Gert, On Mon, Sep 23, 2002 at 06:07:12PM +0200, Gert Doering wrote: > > Hmmm. How to fix it? whois.6bone.net is located at Nokia, they have > IPv6, should be doable... Yes, it is doable and rumors have it that I might soon find the time to finally fix this. I hope this helps, David K. --- From fink@es.net Tue Sep 24 18:04:58 2002 From: fink@es.net (Bob Fink) Date: Tue, 24 Sep 2002 10:04:58 -0700 Subject: [6bone] pTLA deallocation In-Reply-To: <20020922073524.GA18642@bfib.colo.bit.nl> Message-ID: <5.1.0.14.0.20020924093409.0260b240@imap2.es.net> Pim, At 09:35 AM 9/22/2002 +0200, Pim van Pelt wrote: >Dear Bob, dear 6bone-community, > >On the 1st of March 2002, I was allocated 3ffe:8350::/28 from the 6bone >for running a test deployment within Business Internet Trends, based in >the Netherlands. Two months later, I requested an allocation from the >RIPE-NCC and was allocated 2001:7b8::/35. > >Recently I transitioned the backbone network for this ISP from PDH to >Ethernet over WDM and am succesfully running 4 gigabit WDM trunks from >our hometown of Ede (NL) to the AMS-IX, spanning 90 km. > >After careful consideration by myself and the NOC people I represent, I >have concluded that we no longer need the 6BONE allocation and that we >are ready to provide commercial grade IPv6 connectivity to our >colocation and dialup customers. Thanks for returning your now unused 6bone pefix. This is the right thing to do for you, and for the 6bone. >I've removed the ip6.int files from our nameservers and retracted the >BGP announcements for the /28 network sometime last week. I checked just >now and see that the network no longer exists on 6BONE. That means I'm >ready to officially give the allocation back to the registry. > >I would like to say thank-you to Bob F and to David K who were so >supporting in rolling out IPv6 at AS12859. I hope your wine tasted ok, >David. > >Some operational matters should perhaps be addressed. After removing >DNS, BGP and all references within my network, apart from removing the >objects in the 6BONE whois-db, are there other things to take care of ? I can't think of any. Let's see if others come up with any. >Perhaps we can set up a checklist and stick it on www.6bone.net for other >operators to take a look at when they return their 6BONE allocation in >the future. Good idea. I would appreciate it if you could send me your suggested checklist when you are done. Let me know if I can be of help. Also, let me know when I should officially mark the prefix as not in use. Thanks, Bob From fink@es.net Tue Sep 24 18:22:57 2002 From: fink@es.net (Bob Fink) Date: Tue, 24 Sep 2002 10:22:57 -0700 Subject: [6bone] pTLA request EUROVIEW-GROUP - review closes 8 October 2002 Message-ID: <5.1.0.14.0.20020924100657.0264cec0@imap2.es.net> 6bone Folk, EUROVIEW-GROUP has requested a pTLA allocation and I find their request fully compliant with RFC2772. The open review period for this will close 8 October 2002. Please send your comments to me or the list. Note that the ASN that EUROVIEW-GROUP uses, AS15450, is owned by Alhambra Systems (ALHSYS), which is part of this collaboration. Thanks, Bob === >Subject: RV: EUROVIEW-GROUP pTLA request >Date: Mon, 16 Sep 2002 09:32:12 +0200 >From: "Javier Castillo Alcibar" >To: >Cc: "Javier Castillo Alcibar" > , Juan José Muñoz Martinez > >Hello Bob, > > I send you this email for request you a pTLA for the > EUROVIEW-GROUP (www.v6.euroview-group.com). Euroview group is a group of > different IT companies in Spain, France and Italy. We are very interested > in ipv6, and the first step is to start building a new ipv6 network for > test ipv6 software, solutions for our customers, etc.... > > If we need something, please tell me. This is the requested form: > > >7. Guidelines for 6Bone pTLA sites > >The following rules apply to qualify for a 6Bone pTLA allocation. It >should be recognized that holders of 6Bone pTLA allocations are >expected to provide production quality backbone network services for >the 6Bone. > > >1. The pTLA Applicant must have a minimum of three (3) months >qualifying experience as a 6Bone end-site or pNLA transit. During >the entire qualifying period the Applicant must be operationally >providing the following: > >a. Fully maintained, up to date, 6Bone Registry entries for their >ipv6-site inet6num, mntner, and person objects, including each >tunnel that the Applicant has. > > MNT-EUROVIEW-GROUP > EUROVIEW-GROUP > >b. Fully maintained, and reliable, BGP4+ peering and connectivity >between the Applicant's boundary router and the appropriate >connection point into the 6Bone. This router must be IPv6 >pingable. This criteria is judged by members of the 6Bone >Operations Group at the time of the Applicant's pTLA request. > >obsdv6> sh ipv6 bgp summary > >BGP router identifier 194.69.248.62, local AS number 46016 >389 BGP AS-PATH entries >0 BGP community entries > > >Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ >Up/Down State/PfxRcd >3ffe:8260:2010:fffe::1 > > 4 45328 16747 12633 0 0 0 2d11h02m 258 > >3ffe:8260:2010:ffff::1 > > 4 45329 10687 10013 0 0 0 02:26:07 258 > >Total number of neighbors 2 > > >c. Fully maintained DNS forward (AAAA) and reverse (ip6.int) >entries for the Applicant's router(s) and at least one host >system. > > deb1.v6.euroview-group.com > obsdv6.v6.euroview-group.com > > >d. A fully maintained, and reliable, IPv6-accessible system >providing, at a mimimum, one or more web pages, describing the >Applicant's IPv6 services. This server must be IPv6 pingable. > > Router: obsdv6.v6.euroview-group.com > > web server: www.v6.euroview-group.com > > host pingable: deb1.v6.euroview-spain.com > > >2. The pTLA Applicant MUST have the ability and intent to provide >"production-quality" 6Bone backbone service. Applicants must >provide a statement and information in support of this claim. >This MUST include the following: > > >a. A support staff of two persons minimum, three preferable, with >person attributes registered for each in the ipv6-site object >for the pTLA applicant. > > Javier Castillo (me): JCA1-6BONE > > Juan Jose Muñoz: JJMM1-6BONE > > >b. A common mailbox for support contact purposes that all support >staff have acess to, pointed to with a notify attribute in the >ipv6-site object for the pTLA Applicant. > > ipv6@alhsys.com > > >3. The pTLA Applicant MUST have a potential "user community" that >would be served by its becoming a pTLA, e.g., the Applicant is a >major provider of Internet service in a region, country, or focus >of interest. Applicant must provide a statement and information in >support this claim. > > > Euroview-Group is a group of different IT comanies, so these > companies and their clients are the first potential customers..... > >I can give a more detailed explanation of Euroview-Spain activities. >Euro-view Spain is an ISP and data/voice comunications integration company: > > - As ISP we provide internet connection to medium sized comanies to > Internet, and other internet based solutions such vpn's, extranets, etc. > A base of small home users exists today but is reducing cause the spread > of low cost xDSL technologies of big ISP providers. > > - As Datacomunications we are specialized in providing Lan/wan > connctivity between companies. We also work with carriers and operator to > provide IPv4 and other networking protocol services that they not > provided to their final customers in a overall project. > > - We are involved in data-voice convegence and CT and Call Center > apllications. > >Our first plans is to provide an ipv6 enabled network connected to the >backbone, and connecto to it our customers to divulgate and test ipv6 and >prepare them for migration strategies of their networks. > >At same time we want to spread the ipv6 protocols in the Eurovie-group >companies: ASP providers, SBC integrators, to give each other feed-back of >how ipv6 can influenciate future applications and business. > > >We want a 6bone prefix, and not a ripe prefix, > because we want to test deeply the IPv6 protocol,and the > 6bone seems to be a more test network than ripe's > networks. In a future, if IPv6 becomes the production IP protocol in > internet, we will >pick up a RIPE ipv6 address space, but until that moment arrives, we would >like to test >with some of our best customers, the IPv6 world. > > >4. The pTLA Applicant MUST commit to abide by the current 6Bone >operational rules and policies as they exist at time of its >application, and agree to abide by future 6Bone backbone >operational rules and policies as they evolve by consensus of the >6Bone backbone and user community. > > >Additional questions (from Bob): > >1. Your acknowledgement that you are not charging for services using the >6bone prefix, > >Of course. > > >2. Your acknowledgement that will give up your prefix when required by the >sponsoring organization of the 6bone, or its descendents (currently the IETF), > >No problem. Yes, we know that 6bone is test network, and we > will remark this point to our customers. > > >3. Your explanation of why you need a 6bone prefix instead of getting a >production prefix from the RIRs. Also, for my planning purposes, I would >appreciate it if you could tell me >why you think the 6bone is necessary, as opposed to just having networks >get production prefixes from the RIRs. If you wish, this answer will be >held in confidence. As I said above, it is for my planning purposes. > >We want a 6bone prefix, and not a ripe prefix, > because we want to test deeply the IPv6 protocol,and the > 6bone seems to be a more test network than ripe's > networks. In a future, if IPv6 becomes the production IP protocol in > internet, we will >pick up a RIPE ipv6 address space, but until that moment arrives, we would >like to test >with some of our best customers, the IPv6 world. > > > The main reason, I think, for the 6bone network is that > 6bone is the perfect testbed solution for ipv6 deployment. > When we have ipv6 fully tested, we will get a ripe prefix, > and we will offer to our customers real ipv6 services. Until > that, we are going to test routers, servers, OSs, protocols, > getting more familiar with ipv6, experience with different > solutions, etc, etc...Another good point is, that medium size > companies(like euroview-group) have the same rights and > privilegies that big companies like worldcom, telefonica, etc..... > > >If you find problems, please tell me. > > >Best regards. > >Javier. -end From bmanning@ISI.EDU Wed Sep 25 00:20:35 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Tue, 24 Sep 2002 16:20:35 -0700 (PDT) Subject: [6bone] whois.6bone.net has only v4 connectivity? In-Reply-To: <24390.1032853494@munnari.OZ.AU> from Robert Elz at "Sep 24, 2 02:44:54 pm" Message-ID: <200209242320.g8ONKZU13647@boreas.isi.edu> yes, serial numbers are integers. no typo there. ns.isi.edu is still using the old key (my bad) however I really need to remove ns.isi.edu since it won't have v6 transport anytime soon :( I'll fix up the -pre-6bone- delegation when I get off the plane. -- --bill From JORDI PALET MARTINEZ" Message-ID: <142801c264be$3bb4e570$8700000a@consulintel.es> Dear Christian, Sorry I miss this one before. I mean IPv6 is freedom (not free addresses), in the sense that you can have it and do anything you want (applications, services), while in IPv4, we have limitations because 32 bits aren't enough for all kind of devices, people, ..., of course, considering the end-to-end model (no NATs !). I agree that address do not belong to anyone, and are "always" allocated temporarily, but for an indefinite period of time. Too much philosophical, may be ;-) Regards, Jordi ----- Original Message ----- From: "Christian de Larrinaga" To: "Gert Doering" ; "JORDI PALET MARTINEZ" Cc: <6bone@ISI.EDU> Sent: Friday, September 13, 2002 5:02 PM Subject: RE: [6bone] proposal for transfer of 6bone address management responsibilities to RIRs > Jordi > > > > > Right now, it's important to push IPv6, but in the long run, I *want* > > restrictions on "who can get IPv6 blocks from the RIR". > > > > > I always say IPv6 is FREEDOM, and following the same rule as in IPv4, > > > it WILL NOT BE. > > > If IPv6 addresses are "free" in the sense you describe how do they get re > allocated when say a device dies or a home user moves on? > > > Christian de Larrinaga > > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone > *********************************************************** Madrid 2002 Global IPv6 Summit See all the documents on line at: www.ipv6-es.com From bmanning@ISI.EDU Wed Sep 25 23:58:24 2002 From: bmanning@ISI.EDU (Bill Manning) Date: Wed, 25 Sep 2002 15:58:24 -0700 (PDT) Subject: [6bone] pTLA deallocation In-Reply-To: <5.1.0.14.0.20020924093409.0260b240@imap2.es.net> from Bob Fink at "Sep 24, 2 10:04:58 am" Message-ID: <200209252258.g8PMwOB29301@boreas.isi.edu> % Pim, % % >I've removed the ip6.int files from our nameservers and retracted the % >BGP announcements for the /28 network sometime last week. I checked just % >now and see that the network no longer exists on 6BONE. That means I'm % >ready to officially give the allocation back to the registry. % > % I can't think of any. Let's see if others come up with any. as with any DNS work, if you remove the child records, you need to tell the parent that the delegation is gone, otherwise it remains lame. I'll update the e.f.f.3.ip6.int zone to reflect this prefix is no longer delegated. (whois is only one of the databases used. :) --bill From cdel@firsthand.net Thu Sep 26 16:35:39 2002 From: cdel@firsthand.net (Christian de Larrinaga) Date: Thu, 26 Sep 2002 16:35:39 +0100 Subject: [6bone] proposal for transfer of 6bone address management responsibilities to RIRs In-Reply-To: <142801c264be$3bb4e570$8700000a@consulintel.es> Message-ID: Jordi got it. I guess I'll have to suck up to RIPE now or invest in an IPv6 NAT box ;-) cheers. Christian > Behalf Of JORDI PALET MARTINEZ > Sent: Wednesday, September 25, 2002 07:06 > To: cdel@firsthand.net; Gert Doering > Cc: 6bone@ISI.EDU > > Dear Christian, > > Sorry I miss this one before. > > I mean IPv6 is freedom (not free addresses), in the sense that > you can have it and do anything you want (applications, services), > while in IPv4, we have limitations because 32 bits aren't enough > for all kind of devices, people, ..., of course, considering the > end-to-end model (no NATs !). > > I agree that address do not belong to anyone, and are "always" > allocated temporarily, but for an indefinite period of time. > > Too much philosophical, may be ;-) > > Regards, > Jordi > > ----- Original Message ----- > From: "Christian de Larrinaga" > To: "Gert Doering" ; "JORDI PALET MARTINEZ" > > Cc: <6bone@ISI.EDU> > Sent: Friday, September 13, 2002 5:02 PM > Subject: RE: [6bone] proposal for transfer of 6bone address > management responsibilities to RIRs > > > > Jordi > > > > > > > > Right now, it's important to push IPv6, but in the long run, I *want* > > > restrictions on "who can get IPv6 blocks from the RIR". > > > > > > > I always say IPv6 is FREEDOM, and following the same rule > as in IPv4, > > > > it WILL NOT BE. > > > > > > If IPv6 addresses are "free" in the sense you describe how do > they get re > > allocated when say a device dies or a home user moves on? > > > > > > Christian de Larrinaga > > > > _______________________________________________ > > 6bone mailing list > > 6bone@mailman.isi.edu > > http://mailman.isi.edu/mailman/listinfo/6bone > > > > > *********************************************************** > Madrid 2002 Global IPv6 Summit > See all the documents on line at: > www.ipv6-es.com > > > _______________________________________________ > 6bone mailing list > 6bone@mailman.isi.edu > http://mailman.isi.edu/mailman/listinfo/6bone > From michal-ipv6@logix.cz Fri Sep 27 11:09:04 2002 From: michal-ipv6@logix.cz (Michal Ludvig) Date: Fri, 27 Sep 2002 12:09:04 +0200 (CEST) Subject: [6bone] What AS to use in BGP Message-ID: Hi all, we're running a public WiFi network in Prague (Czech Republic) that serves (for now) several hundreds of people and is still growing. Now all our nodes use IPv4 10.0.0.0/8 network and we are doing NAT on the border router. Currently we're doing some experiments with IPv6 with prefix allocated from a tunnelbroker. However we'd like to become pTLA sometime in the future. I have read the requirements for becoming pTLA and I believe we could meet all of them, but I've found one thing that isn't clear to me: for BGP4+ peering I need an AS number. What should I use for it or how to get an official one? Thanks Michal Ludvig From gert@space.net Fri Sep 27 13:57:52 2002 From: gert@space.net (Gert Doering) Date: Fri, 27 Sep 2002 14:57:52 +0200 Subject: [6bone] What AS to use in BGP In-Reply-To: ; from michal-ipv6@logix.cz on Fri, Sep 27, 2002 at 12:09:04PM +0200 References: Message-ID: <20020927145752.R80239@Space.Net> Hi, On Fri, Sep 27, 2002 at 12:09:04PM +0200, Michal Ludvig wrote: > we're running a public WiFi network in Prague (Czech Republic) that serves > (for now) several hundreds of people and is still growing. Now all our > nodes use IPv4 10.0.0.0/8 network and we are doing NAT on the border > router. Currently we're doing some experiments with IPv6 with prefix > allocated from a tunnelbroker. However we'd like to become pTLA sometime > in the future. I have read the requirements for becoming pTLA and I > believe we could meet all of them, but I've found one thing that isn't > clear to me: for BGP4+ peering I need an AS number. What should I use for > it or how to get an official one? If you want to do BGP, you need to use an official AS number. You might want to talk to your IPv4 upstream ISP(s) and find out whether they can arrange something - they could go to RIPE for you and get an AS number, or maybe you can convince them to get their own IPv6 address space and allocate addresses to you. Gert Doering -- NetMaster -- Total number of prefixes smaller than registry allocations: 47686 (47095) SpaceNet AG Mail: netmaster@Space.Net Joseph-Dollinger-Bogen 14 Tel : +49-89-32356-0 80807 Muenchen Fax : +49-89-32356-299 From chuck+6bone@snew.com Fri Sep 27 16:37:38 2002 From: chuck+6bone@snew.com (Chuck Yerkes) Date: Fri, 27 Sep 2002 08:37:38 -0700 Subject: [6bone] Re: Commercial IPv6-ready firewall products? In-Reply-To: <2B81403386729140A3A899A8B39B046405E30C@server2000>; from michel@arneill-py.sacramento.ca.us on Thu, Sep 19, 2002 at 02:03:33PM -0700 References: <2B81403386729140A3A899A8B39B046405E30C@server2000> Message-ID: <20020927083738.A4030@snew.com> Quoting Michel Py (michel@arneill-py.sacramento.ca.us): > > David Carmean wrote: > > W.R.T. the Juniper and Cisco ACL suggestions... > > at the very least I will insist on a stateful packet > > filter, if not stateful inspection. > > I agree. Something like a reflexive access-list is a good beginning, but > you can't really call something a firewall unless it has stateful > inspection and goodies such as syn/ack detection. I've just fought Checkpoint problems (true bugs, it seems) at a client; I've dealt with several "commercial" firewalls that just aren't reliable and don't have the tools to debug them well (sniffing both nets with tcpdump does not count). I'm just delighted to keep using IPFilter, as I have been since 1995. It runs on my 12cm x 8cm x 2cm Soekris box (no fan, no drive, faster than my net will be soon). It doesn't have a pretty GUI, but I've maintained for 10 years that if vi(1) is too hard for you to use, then you shouldn't be running a firewall. TCP/IP{4,6} firewalling is complex. A pretty GUI doesn't make it less so. It understands state, various flags. best: It runs on my SGI, Suns, Open|Net|Free BSD boxes. And it's better supported than many $$$$$$ tools.