This is the last thing to complete transition from IPv6 back to IPv4 wickedness. :-) Feedback follows: make this and do not show to anyone, especially to your mother. :-) If you have some problem, w
Alexey Kuznetsov wrote: Hello! I am currently completing a port of the Netfilter connection tracking subsystem from IPv4 to IPv6. Most of the features in this port are complete, except for fragment
kuznet@xxxxxxxxxxxxx wrote: Hello! answer on the question of why it would need on-the-fly fragmenting: 1.) to make it's life easier when tracking layer-3/4 headers and messing with packet data (in N
Yes, it is 1280. And lower MTUs are simply prohibited for IPv6 networks by law, it is difference of IPv4, where network can have any mtu. IPv6 is designed specially to avoid such things. If you have
kuznet@xxxxxxxxxxxxx wrote: Hello! I read somewhere that the correct size for an IPv6 link was 1500. Is this wrong? Is the correct MTU smaller? If it is, then sorry in advance ;-) Yes, it is 1280. A
On the contrary, it might be useful for transition from IPv4 to IPv6 ;-) IPv6 connection tracking is useful for NAT-PT. However, other options on top of IPv6 conntrack like masquerading, v6-v6 NAT,
On the contrary, it might be useful for transition from IPv4 to IPv6 ;-) IPv6 connection tracking is useful for NAT-PT. However, other options on top of IPv6 conntrack like masquerading, v6-v6 NAT,
Well, like I told Mr. Alexey, I think NAT in its major form for IPv6 is dead. Right now, the only use ip6_conntrack would be to an IPv6 firewall implementation would be tracking packet states via -m
I agree, only IPv6 related NAT worth thinking about is NAT-PT. But you should only need to check port numbers on the IPv4 side, on the IPv6 side you should only be interested in the IPv6 address, so
Author: Michael Richardson <mcr@xxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 02 Aug 2001 11:33:59 -0400
Imran> IPv6 ;-) IPv6 connection tracking is useful for NAT-PT. However, Imran> other options on top of IPv6 conntrack like masquerading, v6-v6 Imran> NAT, etc look useless and silly. connection trac
Author: Michael Richardson <mcr@xxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 02 Aug 2001 13:14:53 -0400
Ralf> You forget real world. I bet ISPs will continue to only give a You forget 6to4. One IPv4 address gets you 2^80 IPv6 addresses. ] ON HUMILITY: to err is human. To moo, bovine. | firewalls [ ] Mi
But aren't the addressing specs saying that we must consider each and every router port (which I take dialup servers to be) as /64 ? Now to think of that... 64k lines of modem pools can thus be fitte
This is feared by many. However, there is some very strict wording against this in IESG address allocation policy, which is being approved by RIR's. As there are no huge technical or address allocati
There are, however, technical reasons why ISPs might want to use dynamic IPs (if they have lots of dial-up hardware in different locations, routing issues make static IP difficult), so although their
Mark Baker spake unto us the following wisdom: IIRC, there are discussions in one of the IPv6 RFCs of exactly this. This type of NAT is obscenely simple for protocols that are not internally address-
This is an "illegal" use of NAT for IPv6. The use of autoconfiguration/router renumbering is encouraged in situations like these. If the prefix isn't static, dyndns _could_ be used but I don't see th
Author: Michael Richardson <mcr@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 03 Aug 2001 16:58:02 -0400
Mark> There are, however, technical reasons why ISPs might want to use Mark> dynamic IPs (if they have lots of dial-up hardware in different Mark> locations, routing issues make static IP difficult),
I am currently completing a port of the Netfilter connection tracking subsystem from IPv4 to IPv6. Most of the features in this port are complete, except for fragment handling, which is nonexistent.