Time to add 2002::/16 to bogon filters?
valdis.kletnieks at vt.edu
valdis.kletnieks at vt.edu
Mon Jul 9 16:10:17 UTC 2018
On Mon, 09 Jul 2018 15:21:31 +0200, "Fabien VINCENT (NaNOG)" said:
> I think it's still used a bit ? I see today announcements over the
> following OriginAS over more than 2000 peers.
>
> as1103 SURFnet bv
> as1835 Forskningsnettet - Danish network for Research and Education
> as2847 Kauno technologijos universitetas
> as6939 HURRICANE
> as16150 Availo Networks AB
> as25192 CZ.NIC, z.s.p.o.
> as28908 A3 Sverige AB
Announced and used are two different things.. :)
> > sudo tcpdump -ni any 'net 2002::/16'
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
> 15:10:59.588097 IP6 2002:6bab:c6c6:0:e561:b9f7:b221:a73.51413 > 2001:470:1f12:dead::beef.51413: UDP, length 94
> 15:10:59.588233 IP6 2001:470:1f12:dead::beef.51413 > 2002:6bab:c6c6:0:e561:b9f7:b221:a73.51413: UDP, length 365
I'm pretty sure that 2002: address is (a) *your* end of the tunnel and (b)
only visible inside your network and *inside* the HE tunnel to the other end.
In other words, it shouldn't be seen out on the public net if it's transiting
an HE tunnel. I bet if you changed that '-i any' to '-i wlan' (for whatever
your router calls the outbound-facing interface) you won't see traffic on 2002:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 486 bytes
Desc: not available
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20180709/60999ef4/attachment.sig>
More information about the NANOG
mailing list