nanog mailing list archives

RE: Microsoft and Teredo

From: <michael.dillon () bt com>
Date: Thu, 31 May 2007 15:24:15 +0100

In perfect time, this was published yesterday, to answer that very
question:
http://www.ietf.org/internet-drafts/draft-hoagland-v6ops-
teredosecconcerns-00.txt


Unfortunately, he doesn't say much in the way of solutions. For
instance, if a company has internal IPv6 connectivity to their ISP, then
presumably, Teredo is not needed. The problem then becomes one of
firewall vendors supporting IPv6. He positions it as a problem that
needs awkward workarounds such as blocking Teredo or patching Windows.
He gives up on firewall vendors and only looks at their ability to do
deep packet inspection by unencapsulating tunneled traffic. But plain
ordinary IPv6 support from firewall vendors is not mentioned.

In any case, this draft is directed at the enterprise which rigorously
firewalls all ingress/egress traffic at the edge. 

--Michael Dillon

Current thread:

Microsoft and Teredo Sean Siler (May 30)
- Re: Microsoft and Teredo matthew zeier (May 30)
- Re: Microsoft and Teredo Nathan Ward (May 30)
  - Re: Microsoft and Teredo JORDI PALET MARTINEZ (May 30)
    - Re: Microsoft and Teredo Nathan Ward (May 30)
    - Re: Microsoft and Teredo JORDI PALET MARTINEZ (May 30)
  - RE: Microsoft and Teredo Sean Siler (May 31)
    - Re: Microsoft and Teredo Adrian Chadd (May 31)
    - Re: Microsoft and Teredo Nathan Ward (May 31)
    - RE: Microsoft and Teredo michael.dillon (May 31)
    - Re: Microsoft and Teredo Nathan Ward (May 31)
    - RE: Microsoft and Teredo Sean Siler (May 31)
    - Re: Microsoft and Teredo JORDI PALET MARTINEZ (May 31)
    - Re: Microsoft and Teredo Adrian Chadd (May 31)
    - Re: Microsoft and Teredo JORDI PALET MARTINEZ (May 31)
    - Re: Microsoft and Teredo Stephen Sprunk (May 31)
    - Re: Microsoft and Teredo Nathan Ward (May 31)
    - Re: Microsoft and Teredo JORDI PALET MARTINEZ (May 31)