nanog mailing list archives
Re: Question re session hijacking in dual stack environments w/MacOS
From: Ca By <cb.list6 () gmail com>
Date: Sat, 26 Sep 2015 07:47:02 -0700
On Saturday, September 26, 2015, David Hubbard < dhubbard () dino hostasaurus com> wrote:
Hey all, as we've slowly deployed IPv6 to our end users, it has begun to cause some issues for those on Mac's specifically. Apple apparently has an algorithm at some point in the network stack to decide whether IPv4 or IPv6 is, perhaps, 'better' or 'faster' at any given point in time during an ongoing session. This allows a computer talking to a dual stack remote website to flip flop between v4 and v6 as activity is conducted. Websites that require some type of authentication that is handled via session cookies have been booting our users out randomly with "your ip address has changed" type message. This occurs when their Mac decides to switch between protocols because the site views it as a session hijacking attempt when Joe User with session ID xyz switches from 192.0.2.10 to 2001:db8::1:1:a or vice versa. Has anyone run into this? Our users on other platforms don't seem to have this issue; linux and MS desktops seem to just use v6 if it's available and v4 if not. Thanks, David
Info about Apple and their unique IPv6 selection process https://www.ietf.org/mail-archive/web/v6ops/current/msg22455.html
Current thread:
- Question re session hijacking in dual stack environments w/MacOS David Hubbard (Sep 26)
- Re: Question re session hijacking in dual stack environments w/MacOS Ca By (Sep 26)
- Re: Question re session hijacking in dual stack environments w/MacOS Laszlo Hanyecz (Sep 26)
- Re: Question re session hijacking in dual stack environments w/MacOS Mark Tinka (Sep 29)
- <Possible follow-ups>
- Re: Question re session hijacking in dual stack environments w/MacOS Brandon Butterworth (Sep 26)
- Re: Question re session hijacking in dual stack environments w/MacOS Michael Brown (Sep 26)
- Re: Question re session hijacking in dual stack environments w/MacOS Dovid Bender (Sep 26)
- Re: Question re session hijacking in dual stack environments w/MacOS Valdis . Kletnieks (Sep 27)
- Re: Question re session hijacking in dual stack environments w/MacOS Connor Wilkins (Sep 27)
- Re: Question re session hijacking in dual stack environments w/MacOS Christopher Morrow (Sep 27)
- Re: Question re session hijacking in dual stack environments w/MacOS John Schimmel (Sep 28)
- Re: Question re session hijacking in dual stack environments w/MacOS Laszlo Hanyecz (Sep 28)