ipv6 transit over tunneled connection

Christopher Morrow morrowc.lists at gmail.com
Fri May 14 13:57:20 CDT 2010


On Fri, May 14, 2010 at 2:29 PM, Franck Martin <franck at genius.com> wrote:
> I said somewhere in here... wierd quoting happened.
> On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy <mulitskiy at acedsl.com>
> wrote:
>> Hello,
>>
>> We're in the early stage of planning ipv6 deployment -
>> learning/labbing/experimenting/etc. We've got to the point when we're
>> also planning to request initial ipv6 allocation from ARIN.
>> So I wonder what ipv6 transit options I have if my upstreams do not
>> support native ipv6 connectivity?
>> I see Hurricane Electric tunnel broker BGP tunnel. Is there anything
>> else? Either free or commercial?
>
> 1) see gblx/ntt/sprint/twt/vzb for transit-v6
> 2) tunnel inside your domain (your control, your MTU issues, your
> alternate pathing of tunnels vs pipe)
> 3) don't tunnel beyond your borders, really just don't
>
> tunnels are bad, always.
> -chris
>
> I see so many times, that tunnels are bad for IPv6, but this is the way IPv6 has been designed to work when you
> cannot get direct IPv6. So I would not say tunnels are bad, but direct IPv6 is better (OECD document on IPv6
> states the use of tunnels).

Tunnels promote poor paths, they bring along LOTS of issues wrt PMTUD,
asymmetry of paths, improper/inefficient paths (see example paths from
several ripe preso's by jereon/others), longer latency. If the tunnel
exits your border you can't control what happens and you can't affect
that tunnels performance characteristics. it's 2010, get native v6.

> If the issue with tunnel is MTU, then a non-negligible part of IPv4 does not work well with MTU different of 1500.
> With IPv6 we bring the concept of jumbo packets, with large MTU. If we cannot work with non standard MTUs in
> IPv6 tunnels, how will we work with jumbo packets?

a non-negligible part of the ipv6 internet doesn't work at all with
>1280 mtu... due to tunnels and some other hackery :( jumbo packets
are a fiction, everyone should stop 10 years ago believing they will
ever work end-to-end between random sites.

-Chris




More information about the NANOG mailing list