ipv6 transit over tunneled connection

Owen DeLong owen at delong.com
Fri May 14 17:50:28 CDT 2010


On May 14, 2010, at 11:57 AM, Christopher Morrow wrote:

> On Fri, May 14, 2010 at 2:29 PM, Franck Martin <franck at genius.com> wrote:
>> I said somewhere in here... wierd quoting happened.
>> On Thu, May 13, 2010 at 6:18 PM, Michael Ulitskiy <mulitskiy at acedsl.com>
>> wrote:
>>> Hello,
>>> 
>>> We're in the early stage of planning ipv6 deployment -
>>> learning/labbing/experimenting/etc. We've got to the point when we're
>>> also planning to request initial ipv6 allocation from ARIN.
>>> So I wonder what ipv6 transit options I have if my upstreams do not
>>> support native ipv6 connectivity?
>>> I see Hurricane Electric tunnel broker BGP tunnel. Is there anything
>>> else? Either free or commercial?
>> 
>> 1) see gblx/ntt/sprint/twt/vzb for transit-v6
>> 2) tunnel inside your domain (your control, your MTU issues, your
>> alternate pathing of tunnels vs pipe)
>> 3) don't tunnel beyond your borders, really just don't
>> 
>> tunnels are bad, always.
>> -chris
>> 
>> I see so many times, that tunnels are bad for IPv6, but this is the way IPv6 has been designed to work when you
>> cannot get direct IPv6. So I would not say tunnels are bad, but direct IPv6 is better (OECD document on IPv6
>> states the use of tunnels).
> 
> Tunnels promote poor paths, they bring along LOTS of issues wrt PMTUD,
> asymmetry of paths, improper/inefficient paths (see example paths from
> several ripe preso's by jereon/others), longer latency. If the tunnel
> exits your border you can't control what happens and you can't affect
> that tunnels performance characteristics. it's 2010, get native v6.
> 
I will point out that most of these issues apply to 6to4 and Teredo auto-
tunnels and not as much to GRE or 6in4 statically configured tunnels.

There is a juniper bug which makes PMTU-D a problem if your tunnel
is Juniper<->Juniper.

>> If the issue with tunnel is MTU, then a non-negligible part of IPv4 does not work well with MTU different of 1500.
>> With IPv6 we bring the concept of jumbo packets, with large MTU. If we cannot work with non standard MTUs in
>> IPv6 tunnels, how will we work with jumbo packets?
> 
> a non-negligible part of the ipv6 internet doesn't work at all with
>> 1280 mtu... due to tunnels and some other hackery :( jumbo packets
> are a fiction, everyone should stop 10 years ago believing they will
> ever work end-to-end between random sites.
> 
Jumbo packets do work end to end in some random cases and PMTU-D
works in most others. All of the tunnels I am using have at least a 1280 MTU,
so, I'm not sure why you would think a tunnel wouldn't support 1280.

Owen





More information about the NANOG mailing list