> On Jun 18, 2018, at 8:31 PM, Mark Andrews <ma...@isc.org> wrote:
>
> If you are using 2002::/16 you know are relying on third parties. Not that
> it is much
> different to any other address where you are relying on third parties.
>
> If one is going to filter 2002::/16 from BGP then install your own gateway to
> preserve
> the functionality.
It does not appear the functionality is working at present, which I think is
the more critical point. Taking a quick sampling of where I see the packets
going from two different networks, it doesn’t seem to be going where it’s
expected, nor is it working as expected. These appear to be at best routing
leaks similar to leaking rfc6761 space that should be under your local control.
They could also be seen as a privacy issue by taking packets destined to
2002::/16 somewhere unexpected and off-continent.
I would expect even in the cases where it does work, it would be subject to the
same challenges faced by people using VPN services (being blocked from your
kids favorite streaming services) and much poorer performance than native IPv4.
There is also the problem noted by Wes George with 6to4 being used in DNS
amplification, which may be interesting..
http://iepg.org/2018-03-18-ietf101/wes.pdf
I don’t believe most providers are intending to offer 6to4 as a global service.
Even the large providers (eg: Comcast) seem to have disabled it ~4+ years ago.
While I know there’s people on the internet that like to hang on to legacy
things, this is one that should end. The networks and devices today no longer
require this sort of transition technology, and the networks where it’s left
won’t want it as it will be used for various bad things(tm).
- Jared
