From: Jack Bates (no email)
Date: Wed Nov 19 2008 - 18:03:44 EST
Christopher Morrow wrote:
> 6to4 v6 addrs are just regular v6 addrs as far as the network is
> concerned. if you put a 6to4 addr on your server you are saying that
> you don't have native v6 transport to that host(s) and that you are
> reachable via the 6to4 tunnel your host presumably has configured.
Sure it's just another address, except the anycast portion of it for
dealing with tunnels. It's also usually set to a different label and
priority in windows prefix policies (and at least some linux setups). I
was referring to the matter of if a windows box will even choose to use
> 6to4 is just an ip, 128bits long, but an ip... no differentiation is
> made in the network for 6to4 vs 'normal v6'... unless someone's
> putting up acls, or blackholing 6to4's /16, of course.
Windows and several other end systems use prefix policies to determine
if they use IPv6 or IPv4 and even when using IPv6, if they should use
the 6to4 tunnel or not.
> can you explain this a little more? is it possible your v6 packets hit
> something like 6pe inside HE and exit to NTT without hitting a
If a router does not a) know how to encapsulate 6to4 and send it over
ipv4 to the destination or b) know how to reach a 6to4 anycast address
where the packet can be encapsulated into IPv4, the packet is going to
get dropped. Of course, you could be right. he.net could be purposefully
not sending icmp replies back to 6to4 addresses for other reasons while
replying to my non-6to4 addresses. I hesitate to say filter, as it does
push the 6to4 sourced packets on to other networks.