Security Considerations for 6to4
RFC 3964, “Security Considerations for 6to4”, is an Informational document published in December 2004 by P. Savola, C. Patel. The canonical text is published by the RFC Editor.
Abstract
The IPv6 interim mechanism 6to4 (RFC3056) uses automatic IPv6-over-IPv4 tunneling to interconnect IPv6 networks. The architecture includes 6to4 routers and 6to4 relay routers, which accept and decapsulate IPv4 protocol-41 ("IPv6-in-IPv4") traffic from any node in the IPv4 internet. This characteristic enables a number of security threats, mainly Denial of Service. It also makes it easier for nodes to spoof IPv6 addresses. This document discusses these issues in more detail and suggests enhancements to alleviate the problems. This memo provides information for the Internet community.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 3964 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 3965 A Simple Mode of Facsimile Using Internet Mail
- RFC 3966 The tel URI for Telephone Numbers
- RFC 3960 Early Media and Ringing Tone Generation in the Session Initiation Protocol
- RFC 3968 The Internet Assigned Number Authority Header Field Parameter Registry for the Session Initiation Protocol
- RFC 3959 The Early Session Disposition Type for the Session Initiation Protocol
- RFC 3969 The Internet Assigned Number Authority Uniform Resource Identifier Parameter Registry for the Session Initiation Protocol
- RFC 3956 Embedding the Rendezvous Point Address in an IPv6 Multicast Address
- RFC 3955 Evaluation of Candidate Protocols for IP Flow Information Export