On 11/04/2010 03:24 PM, Jan Engelhardt wrote:
On Thursday 2010-11-04 15:41, H. Peter Anvin wrote:
On 11/04/2010 07:08 AM, Stephen Clark wrote:
Now, the upstream (ISP-assigned) prefix changes to
2001:6b2f:1705::/48. RA will handle reassigning addresses to actual
downstream hosts, but things that explicitly encode IPv6 addresses
need to be changed, and that includes ip6tables, in this case these
rules now need to refer to 2001:6b2f:1705:0000::/52,
2001:62bf:1705:1000::/52 and so on.
Won't this break existing tcp connections if all of a sudden you get a
new address?
Yes. Welcome to the brave new world of IPv6. One of many reasons why IPv6 IMO
is seriously misdesigned, but it's what we have and we no longer have the time
to do anything else.
Well we know academia is evil as they never talk to us on linux-netdev
when designing protocols behind closed doors.
One could also argue that IPv6 just does what it does, and that any
extra feature is layered... what you want sounds like Shim6.
Or Mobile IPv6 or whatever... however, it's unlikely that whatever
solution is going to be universal.
-hpa
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
