[arin-ppml] ARIN-prop-127: Shared Transition Space for IPv4 Address Extension
marka at isc.org
Mon Jan 24 20:02:06 EST 2011
In message <54E900DC635DAB4DB7A6D799B3C4CD8E0670A7 at PLSWM12A.ad.sprint.com>, "George, Wes E [NTK]" writes:
> > From: Owen DeLong [mailto:owen at delong.com]
> > Sent: Monday, January 24, 2011 2:54 PM
> > To: George, Wes E [NTK]
> > Cc: Joel Jaeggli; arin-ppml at arin.net
> > Subject: Re: [arin-ppml] ARIN-prop-127: Shared Transition Space for
> > IPv4 Address Extension
> > That's a pretty good argument for having a defined block that people
> > can adjust the 6to4 routers to know about.
> > Arguably, anycast 6to4 is moderately broken in a wide variety of
> > circumstances anyway. I don't think it's quite as bad as Lorenzo would
> > have us all believe, but, there are definite problems.
> [WES] sigh. We've gone round the circle again. If we could update those
> boxes to understand that this block isn't a valid external address to use
> for 6to4, we could also update them to do real IPv6, or to use class E
> space, or 6RD, or DSLite, etc, etc.
> The only thing that I can think of that makes this less broken would be if
> the CGN box is smart enough to serve as an ALG for 6to4 packets (not just a
> 6to4 relay) and locally terminate them so that it can send real IPv6 packets
> between itself and the destination, or otherwise rewrite the 6to4 packet
> headers and track the state so that 6to4 actually works properly with the
> external address. But I haven't heard of any vendors peddling that
> particular hack yet, nor are any of the usual suspects generating a draft in
> IETF for it (that I know of).
And doing so would effectively create an IPv6 NAT. Let's not go there.
> The idea here is that regardless of what anyone thinks about it, to quote
> Brian Carpenter, "the toothpaste is out of the tube now." That is, we're
> stuck with 6to4, and we're better off trying to make it work better for
> those who are using it than to continue treating it as a completely
> second-class citizen, because ultimately it is still a means to increase
> IPv6 deployment in places where it otherwise wouldn't exist. Most of the
> brokenness is because there aren't enough properly run 6to4 relays close
> enough to the sources and sinks of traffic. Only a small percentage is due
> to broken implementations that try to do 6to4 with 1918 addresses or the
> like. Last I heard, Brian was working on a draft to make some
> recommendations about how to make 6to4 suck less, but if Comcast's
> experiences with 6to4 are any indication, simply saying "eh, 6to4 is broken
> anyway" is a cop-out.
Having a well defined common address range where 6to4 is known to
be broken is much better than having to figure out if the address
range you happen to be sitting on is shared or not.
6to4 is a legitimate reason to not be put into a shared address
range until you have equipment that supports IPv6 natively or via
Hotels have offered shared by default and global on request for years
now. There is no reason ISPs can't do the same thing.
> Wes George
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org