[6bed4-devel] ICMPv6 Neighbor discovery and tunnels over the Ipv4 internet
zeroconfig IPv6 tunnel
Status: Beta
Brought to you by:
vanrein
Menu
▾
▴
[6bed4-devel] ICMPv6 Neighbor discovery and tunnels over the Ipv4 internet
|
From: <ebi...@xm...> - 2012-07-04 01:11:54
|
So I took a good hard look at what it would take to get ICMPv6 relatively safe and have the property that it worked reasonably well over the NATed internet. You have to add support for multiple source and destination addresses. You have to require support for nonces, and use them to prevent problems with source address spoofing. You have to change the semantics so that you don't trust source and destination addresses that have been provided until you have verified them. And there are a whole host of slight differences in semantics that you have to handle very carefully. And ultimately you have what is effectively a whole new protocol. If ipv6 was likely to run over networks with these perverse characteristics on a regular basis it would be worth specifying the necessary extensions. As IPv6 is mostly likely to run over ethernet links and other similar links that have similar properties I just don't think it makes sense to upgrade Neighbor Discovery to the extent it is barely recognizable. Instead something simpler should be implemented. Eric |