RE: But are we talking IPv6 only? That's how I read the draft. (Re: Some suggestions for draft-ietf-v6ops-cpe-simple-security-03)

"Templin, Fred L" <Fred.L.Templin@boeing.com> Thu, 28 August 2008 15:28 UTC

From: "Templin, Fred L" <Fred.L.Templin@boeing.com>
To: Dan Wing <dwing@cisco.com>, james woodyatt <jhw@apple.com>, IPv6 Operations <v6ops@ops.ietf.org>

>My confusion -- which persists even after reading your email -- is
>what this home network (with a dual-stack CPE) looks like:  which 
>device(s) terminate IPv6-over-IPv4 tunnels (the CPE itself?  Or a 
>host behind the CPE?), which devices get IPv4 addresses (only the 
>CPE itself, or also devices behind the CPE?), and so on.

In the case of unsolicited incoming IPv6-in-IPv4 packets,
if the CPE is a 6to4 or ISATAP router, the CPE terminates
the tunnel. (If the site behind the CPE uses ISATAP, the
packets are then admitted into a *different* tunnel that
spans the site behind the CPE.)

If the CPE is *not* configured as either a 6to4 or ISATAP
router, a Teredo tunnel could still be used to direct
encapsulated packets through an open port in the CPE
and to the final destination within the site. (That is,
if the port is being kept open through keepalives sent
by the final destination.)

I haven't read the draft, but I'm pretty sure this stuff
is well known within the v6ops community; does the draft
fail to mention and/or misrepresent any of the above?

Fred
fred.l.templin@boeing.com
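
Added example, not part of the original message: a minimal classifier a CPE filter or packet-capture review could use to tell which of the tunnel types named above an IPv4 packet carries. It assumes the well-known encodings (IPv4 protocol 41 for 6to4 and ISATAP, the 2002::/16 and 2001::/32 prefixes, the 5efe ISATAP interface identifier, Teredo over UDP); the function names and sample packets are constructed for illustration.

```python
import ipaddress
import struct

SIXTO4 = ipaddress.ip_network("2002::/16")  # 6to4 prefix
TEREDO = ipaddress.ip_network("2001::/32")  # Teredo prefix

def inner_ipv6(payload):
    """Return (src, dst) if payload begins with an IPv6 header, else None."""
    if len(payload) < 40 or payload[0] >> 4 != 6:
        return None
    return (ipaddress.IPv6Address(payload[8:24]),
            ipaddress.IPv6Address(payload[24:40]))

def is_isatap(addr):
    # ISATAP interface IDs: 0000:5efe or 0200:5efe followed by the IPv4 address
    return addr.packed[8:12] in (b"\x00\x00\x5e\xfe", b"\x02\x00\x5e\xfe")

def classify(pkt):
    """Name the tunnel type in one unfragmented IPv4 packet."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "not-ipv4"
    proto, body = pkt[9], pkt[(pkt[0] & 0x0F) * 4:]
    if proto == 41:  # IPv6-in-IPv4, used by both 6to4 and ISATAP
        pair = inner_ipv6(body)
        if pair is None:
            return "proto41-malformed"
        if any(a in SIXTO4 for a in pair):
            return "6to4"
        return "isatap" if any(is_isatap(a) for a in pair) else "proto41-other"
    if proto == 17:  # UDP; Teredo auth/origin headers are not handled here
        pair = inner_ipv6(body[8:])
        if pair and any(a in TEREDO for a in pair):
            return "teredo"
    return "not-tunnelled"

# Constructed sample packets (documentation addresses, zero checksums).
def sample_ipv4(proto, body):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, proto,
                       0, bytes([198, 51, 100, 7]), bytes([192, 0, 2, 1])) + body

def sample_ipv6(src, dst):
    return (b"\x60\x00\x00\x00" + struct.pack("!HBB", 0, 59, 64)
            + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed)

UDP = struct.pack("!HHHH", 3544, 50000, 48, 0)
SAMPLES = {
    "6to4": sample_ipv4(41, sample_ipv6("2001:db8::1", "2002:c000:201::1")),
    "isatap": sample_ipv4(41, sample_ipv6("2001:db8::1", "2001:db8::5efe:c000:201")),
    "teredo": sample_ipv4(17, UDP + sample_ipv6("2001:db8::1", "2001:0:c000:201::1")),
}
```

The protocol-41 cases are visible to a CPE that inspects the IPv4 protocol field, while the Teredo case looks like ordinary UDP unless the payload is examined.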