Re: [v4tov6transition] Ways to break IPv6

Rémi Després <remi.despres@free.fr> Wed, 13 October 2010 12:54 UTC

Return-Path: <remi.despres@free.fr>
X-Original-To: v4tov6transition@core3.amsl.com
Delivered-To: v4tov6transition@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EDC443A6899 for <v4tov6transition@core3.amsl.com>; Wed, 13 Oct 2010 05:54:45 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.428
X-Spam-Level:
X-Spam-Status: No, score=-1.428 tagged_above=-999 required=5 tests=[AWL=0.521, BAYES_00=-2.599, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M9cwZPDK+urr for <v4tov6transition@core3.amsl.com>; Wed, 13 Oct 2010 05:54:44 -0700 (PDT)
Received: from smtp23.services.sfr.fr (smtp23.services.sfr.fr [93.17.128.22]) by core3.amsl.com (Postfix) with ESMTP id 9240C3A6930 for <v4tov6transition@ietf.org>; Wed, 13 Oct 2010 05:54:38 -0700 (PDT)
Received: from filter.sfr.fr (localhost [127.0.0.1]) by msfrf2317.sfr.fr (SMTP Server) with ESMTP id 92A5F7000095; Wed, 13 Oct 2010 14:55:54 +0200 (CEST)
Received: from [192.168.0.20] (per92-10-88-166-221-144.fbx.proxad.net [88.166.221.144]) by msfrf2317.sfr.fr (SMTP Server) with ESMTP id 5602A7000099; Wed, 13 Oct 2010 14:55:54 +0200 (CEST)
X-SFR-UUID: 20101013125554352.5602A7000099@msfrf2317.sfr.fr
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset=iso-8859-1
From: =?iso-8859-1?Q?R=E9mi_Despr=E9s?= <remi.despres@free.fr>
In-Reply-To: <EMEW3|e1d69ee194dd88e609f0f9bc9b8e0675m9CAjg03tjc|ecs.soton.ac.uk|77302F73-8B39-4417-91C8-334B06964EF9@ecs.soton.ac.uk>
Date: Wed, 13 Oct 2010 14:55:53 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <89AF6B6D-AB1B-4FED-89C6-8674FFE36EDF@free.fr>
References: <4CB51C1D.7040104@sri.com> <1593A30D-A5EE-4FEE-9C0F-DF01D5F7F570@bogus.com> <77302F73-8B39-4417-91C8-334B06964EF9@ecs.soton.ac.uk> <EMEW3|e1d69ee194dd88e609f0f9bc9b8e0675m9CAjg03tjc|ecs.soton.ac.uk|77302F73-8B39-4417-91C8-334B06964EF9@ecs.soton.ac.uk>
To: Tim Chown <tjc@ecs.soton.ac.uk>
X-Mailer: Apple Mail (2.1081)
Cc: v4tov6transition@ietf.org
Subject: Re: [v4tov6transition] Ways to break IPv6
X-BeenThere: v4tov6transition@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <v4tov6transition.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/v4tov6transition>, <mailto:v4tov6transition-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v4tov6transition>
List-Post: <mailto:v4tov6transition@ietf.org>
List-Help: <mailto:v4tov6transition-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v4tov6transition>, <mailto:v4tov6transition-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Oct 2010 12:54:47 -0000

Le 13 oct. 2010 à 11:45, Tim Chown a écrit :

> 
> On 13 Oct 2010, at 07:49, Joel Jaeggli wrote:
> 
>> I love how we talk about what they will do in the future tense. They do this today. my corporate laptops have had v6 broken in various sundry ways by bad policy and retarded security products across three employers since 2007. As long as v6 has been enabled in systems  people have been disabling it deliberately, or worse, breaking it in ways that make you wonder how these companies keep v4 working, in point of fact sometimes they don't. 
> 
> Disabling IPv6 administratively is probably quite wise, until you're ready to do a managed deployment.

This definitely depends on the context.
As a free.fr customer, I have been using IPv6 since december 2007, and find no need to disable it.
In particular, we never had any rogue RA problem that might have justified it.

>     Even in supposed IPv4-only networks issues like rogue RAs can cause problems for hosts with IPv6 enabled.    We surveyed a local reasonable size wireless network for example and 50% of the time a host somewhere on it was issuing rogue RAs; that was over 6 months of data.

Finding which proportion of IPv6 users have problems is useful per se.
But wouldn't it be useful also to know which configurations have no problem?

Regards,
RD

> 
> Tim
> _______________________________________________
> v4tov6transition mailing list
> v4tov6transition@ietf.org
> https://www.ietf.org/mailman/listinfo/v4tov6transition