Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-historic-07.txt - software bugs
Alexandru Petrescu <alexandru.petrescu@gmail.com> Thu, 13 November 2014 23:03 UTC
Return-Path: <alexandru.petrescu@gmail.com>
X-Original-To: v6ops@ietfa.amsl.com
Delivered-To: v6ops@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9C8BC1AE1AE for <v6ops@ietfa.amsl.com>; Thu, 13 Nov 2014 15:03:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.983
X-Spam-Level:
X-Spam-Status: No, score=-4.983 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, FREEMAIL_FROM=0.001, HELO_EQ_FR=0.35, NML_ADSP_CUSTOM_MED=0.9, RCVD_IN_DNSWL_HI=-5, SPF_SOFTFAIL=0.665] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id y43FBh3GNJUq for <v6ops@ietfa.amsl.com>; Thu, 13 Nov 2014 15:03:24 -0800 (PST)
Received: from cirse-out.extra.cea.fr (cirse-out.extra.cea.fr [132.167.192.142]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7F0311AE1A8 for <v6ops@ietf.org>; Thu, 13 Nov 2014 15:03:23 -0800 (PST)
Received: from pisaure.intra.cea.fr (pisaure.intra.cea.fr [132.166.88.21]) by cirse.extra.cea.fr (8.14.2/8.14.2/CEAnet-Internet-out-2.3) with ESMTP id sADN3J16019413; Fri, 14 Nov 2014 00:03:19 +0100
Received: from pisaure.intra.cea.fr (localhost [127.0.0.1]) by localhost (Postfix) with SMTP id E664020473E; Fri, 14 Nov 2014 00:03:39 +0100 (CET)
Received: from muguet1.intra.cea.fr (muguet1.intra.cea.fr [132.166.192.6]) by pisaure.intra.cea.fr (Postfix) with ESMTP id D8C1B203F87; Fri, 14 Nov 2014 00:03:39 +0100 (CET)
Received: from [127.0.0.1] ([132.166.84.11]) by muguet1.intra.cea.fr (8.13.8/8.13.8/CEAnet-Intranet-out-1.2) with ESMTP id sADN3B9u019617; Fri, 14 Nov 2014 00:03:18 +0100
Message-ID: <546538AF.1050101@gmail.com>
Date: Fri, 14 Nov 2014 00:03:11 +0100
From: Alexandru Petrescu <alexandru.petrescu@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: Jeroen Massar <jeroen@massar.ch>, v6ops@ietf.org
References: <20141111054026.11197.49784.idtracker@ietfa.amsl.com> <5461A23D.5020506@gmail.com> <546264A5.4050309@umn.edu> <546271A2.907@gmail.com> <5463C716.1030805@umn.edu> <54646DBE.9060800@dougbarton.us> <20141113084029.GT31092@Space.Net> <5464E4F6.9070401@gmail.com> <5465021A.2080305@dougbarton.us> <546509F1.5060508@massar.ch> <54652069.30805@gmail.com> <546525E7.7050006@massar.ch> <54652E0C.7050901@gmail.com> <546534B0.90300@massar.ch>
In-Reply-To: <546534B0.90300@massar.ch>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: http://mailarchive.ietf.org/arch/msg/v6ops/1STXzmqEgCnS6Z0poUqPm66ChH0
Subject: Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-historic-07.txt - software bugs
X-BeenThere: v6ops@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: v6ops discussion list <v6ops.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/v6ops>, <mailto:v6ops-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/v6ops/>
List-Post: <mailto:v6ops@ietf.org>
List-Help: <mailto:v6ops-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/v6ops>, <mailto:v6ops-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Nov 2014 23:03:26 -0000
Le 13/11/2014 23:46, Jeroen Massar a écrit : > [Replies to multiple mails in this thread compressed into one] > > On 2014-11-13 23:17, Alexandru Petrescu wrote: [..] >>>> Do not deprecate until you offer a solution satisfying a >>>> number of requirements (currently unsatisfied by eg tunnel >>>> brokers). >>> >>> Which requirements are these? >> >> Ones one would have to lay down and agree on before engaging in >> new work. >> >> For example -1- must allow for reverse DNS ok, > > That is a business decision. Most (all?) TBs provide this. > > Note that a normal ISP does not do this, hence bit silly to require > it for a free tunnel... Home ISP may not do it, but business ISP does. >> -2- must be secureable by existing e2e IPsec, > > The tunnel or the packets that flow within it? What is the problem > you are trying to solve? I need to trust enough the other endpoint, not send something in the wild. > The packets in the tunnel are 1280+ hence, go IPSec away as much as > you want. > > For securing the tunnel it would require distributing keying > material. > > As IPsec is horrible to configure and does not work through NATs > happily (yes, you can patch crap) nobody ever bothered with this. > > For AYIYA packets are signed btw, hence, no spoofing of those. There > is no crypto though there either. The questions I have about these are numerous but mostly administrative as such are hard to formulate here in a public forum. It has to do with what kind of business is it, etc. > >> -3- to the extent of possible be easy to set up for Clients > > TSP (gogoclient) and TIC (AICCU) solve that problem. CPEs incorporate > these tools or have their own implementations (eg Fritz!Box). > > How much 'easier' do you want it? Easy in the sense of as easy as opening a Google account. >> and not involve intervention of another party (like when >> requesting an IPv6 address from an administrator, delayed paper >> forms, etc). > > Gogo's "anonymous" TSP tunnels do this. They get a lot of abuse. For example, do they spy on you? > Other Tunnel Brokers and Gogo TSP in "authenticated" mode require > that one signs up, just as you would with a IPv4 ISP. For example, what kind of private data should I share with them? > This is a "business" decision though. Nothing a technical thing can > solve. There is no such aspect in 6to4... >> From another mail: > >> For example, the current tunnel brokers are very good but (1) are >> not trustful, > > What do you mean with "trustful"? HArd to say, who do _you_ trust? Trustful in the sense of accountable. I dont want them to spy my traffic, at least. I want them to anwser questions when asked. >> (2) force into later efforts to renumber when going native, > > Changing ISPs typically require that. Whereas we can require the destinationISP to set up routing such that I keep the same prefix I got from the first. Or update other databases. > Only way to avoid that is to get your own PI space. Another administrative effort? > At that point you will be able to arrange your own connectivity too > though. Only to those ISPs who accept it? >> (3) require filling in forms. 6to4 has the advantage of not >> requiring 3. > > And 6to4 is unreliable as no ISP can 100% support it. Its mostly a matter of 6to4 Relays uptime and IP routing finding right paths. Up to now I didnt experience 6to4 Relay not responding. > With Tunnel Brokers you are signing up for a service. Signing up > requires forms. Are the Tunnel Brokers ready to fill in forms that I request conceive? > Though those forms are there primarily to limit abuse too and to > enable contacting people when they problems with their tunnel so > that it can be resolved. What about the potential abuse from the Tunnel Brokers? > And another mail: >> 6to4 is not alowing for reverse DNS either, if I am not terribly >> wrong. > > https://6to4.nro.net Thanks, I didnt know that. Does it require filling in forms for each IP address? I am easier at vi-ing a config file in my local DNS and then DNS takes care of rest. > But even then you still do not want 6to4 as it is unreliable ;) :-) Alex > > Doug Barton wrote: >> ... and yet I would assert that unless we're talking about >> something that is provider managed (such as 6rd) then automatically >> enabling it for the user is a bad idea. It will create more >> problems than it solves, and cause a lot of support calls, which >> ISPs are not > going to like. > > Exactly. > > Greets, Jeroen > > >
- [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-hist… internet-drafts
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… David Farmer
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Templin, Fred L
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Templin, Fred L
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… James Woodyatt
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Lorenzo Colitti
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Gert Doering
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… David Farmer
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Gert Doering
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Jeroen Massar
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Ole Troan
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Gert Doering
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Gert Doering
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Jeroen Massar
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Jeroen Massar
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Doug Barton
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Jeroen Massar
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-hist… Victor Kuarsingh
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- [v6ops] Missing features of Tunnel Brokers (Was: … Jeroen Massar
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… James Woodyatt
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Brian E Carpenter
- Re: [v6ops] I-D Action: draft-ietf-v6ops-6to4-to-… Alexandru Petrescu