[PATCH] Add more including files for complation on FreeBSD

libteredo/discovery.c needs more including files for FreeBSD (and
maybe other *BSD).

-- Sumikawa

From 7dbfd10b03b78754ff80ed550c306b6f0e6dd688 Mon Sep 17 00:00:00 2001
From: Munechika Sumikawa <sumikawa@...>
Date: Wed, 16 Nov 2011 16:08:34 +0900
Subject: [PATCH] Add more including files for complation on FreeBSD

---
 libteredo/discovery.c |    3 +++
 1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/libteredo/discovery.c b/libteredo/discovery.c
index a736c52..e3a4dba 100644
--- a/libteredo/discovery.c
+++ b/libteredo/discovery.c
@@ -30,12 +30,15 @@
 #include <inttypes.h>
 #include <stdlib.h> // malloc()
 #include <string.h> // mem???()
+#include <assert.h>

+#include <sys/types.h>
 #include <netinet/in.h> // struct in6_addr
 #include <netinet/ip6.h> // struct ip6_hdr (for packets.h)
 #include <arpa/inet.h> // inet_ntop()
 #include <pthread.h>

[PATCH] portability fix

In the below commit,

------------------
commit 336549f1ae686c62746140ce1da921372ec67640
Author: Rémi Denis-Courmont <remi@...>
Date:   Wed Jan 20 19:47:59 2010 +0200

    Fix aliasing violations
    Unfortunately, I am not sure how portable this code is.
------------------

This isn't portable.  How is the attached?  "s6_addr" is defined in
RFC3493 but s6_addr{16,32} is not.

-- Sumikawa

From 2f0dd8960d8cea4c6fa7ebd963876df01121c739 Mon Sep 17 00:00:00 2001
From: Munechika Sumikawa <sumikawa@...>
Date: Wed, 16 Nov 2011 15:46:59 +0900
Subject: [PATCH] portability fix

---
 libteredo/relay.c  |    3 ++-
 libteredo/server.c |    4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/libteredo/relay.c b/libteredo/relay.c
index 80d36ae..62ee5c8 100644
--- a/libteredo/relay.c

[PATCH] systemd service file for miredo

Hello,

I created a systemd service file for miredo.
systemd is a sysvinit replacement (see [1] for more information).
One of the goals of systemd is to encourage standardization between different
distributions. This means, while I also submitted a ticket in Debian GNU/Linux,
I would like to ask you to accept this service file as the upstream
distributor, so that other distributions can use the same service file and
don’t have to ship their own.

Please include this file in your next release (just like in init script).

If you have any questions, please do not hesitate to contact me.

Best regards,
Michael

[1] http://en.wikipedia.org/wiki/Systemd

Miredo on Android OS?

Hello,

Has anyone here had any luck/attempts at porting Miredo to Android OS?

I wish to have IPv6 access on my Android phone (rooted), but ISP
(telephone provider Verizon Wireless) doesn't have IPv6 access on 3G
(only 4G/LTE).

6to4 etc is all out of the question due to the NAT that VZW uses.

Thanks for any ideas or suggestions.

Miredo relay performance

 Hi,
 does anyone have any real-life experience with miredo relay 
 performance?
 I have tried:

  * Debian 6/Ubuntu 11.04 (kernel 2.6.38, miredo 1.2.3)
  * Cent 5.6 (kernel 2.6.18, miredo 1.2.3)
  * FreeBSD 8.2 (miredo 1.2.3)

 I have used different hardware: Dell, HP servers 2(4)GB RAM, Intel Xeon 
 processors, Broadcom, Intel network adapters ...

 I have reached 60kpps in testing - single stream from native IPv6 host 
 to miredo IPv6 host, but when I tried "real" traffic (announcing 
 2001::/32 to the BGP) the servers start to drop packets when the traffic 
 reaches 10kpps ... all the combinations of OS and HW behave similarly - 
 received packets are dropped ... I have also tried some "network card 
 drivers and OS" tunning - increasing buffer size, setting coalesce 
 parameters ...

 Thanks
 Regards

 Marian Kadziolka

Behind the NAT and firewall

Why two IPs for miredo-server - NS

Hi,

I've installed a miredo-server. It works fine with one IP. 
I don't unterstand why I have to use two IPs for the miredo-server.

And how I have to set the forward and reverse record for my name server 
when I like to use teredo.example.com?

When I use only one IP than it's clear. 
But When I have to use two IPs I'm unsure.

Sorry, my English is bad.

Thanks!

How to make miredo prefer IPv6 DNS records?

Sorry for the IPv6-newbie question, but I hope someone can shed some light.

I'm using recent Debian Squeeze, with default miredo 1.2.3-1 installation
(kernel 2.6.32-25, and libc6 2.11.2-6+squeeze1).  It works just fine out of
the box as far as IPv6 connectivity itself is concerned (great!!). The
system is just a workstation connected via etherenet to cable router, which
does IPv4-only PPTP tunnel to the ISP.

I can ping6, telnet etc to any manually specified IPv6 address, or to DNS
name that has only AAAA record.

However, when I try to connect to a DNS name that has both AAAA and A
records, "A" record always gets tried first. I would like to reverse that,
that is for "AAAA" record to always be tried first.

for example:

# host ipv6.google.com  
ipv6.google.com is an alias for ipv6.l.google.com.
ipv6.l.google.com has IPv6 address 2a00:1450:8006::93
# telnet ipv6.google.com 80
Trying 2a00:1450:8006::93...
Connected to ipv6.l.google.com.

works ok, but:

# host www.ipv6.org
www.ipv6.org is an alias for shake.stacken.kth.se.
shake.stacken.kth.se has address 130.237.234.40
shake.stacken.kth.se has IPv6 address 2001:6b0:1:ea:202:a5ff:fecd:13a6
# telnet www.ipv6.org 80
Trying 130.237.234.40...
Connected to shake.stacken.kth.se.

connects to IPv4 address while I would like it to connect to IPv6 one.
The same "problem" occurs with other apps like firefox, etc.

/etc/miredo.conf contains just default lines:
InterfaceName   teredo
ServerAddress   teredo-debian.remlab.net

I've tried using several different DNS server (from my ISP, opendns, even
google's 8.8.8.8) and the result is the same.

I STFW, and the best I could come up is that this behavior is due to the way
getaddrinfo(3) works, and is controlled by /etc/gai.conf.  It looked exactly
like what I needed...  Only I couldn't make it work.  By default in Squeeze,
that file contains just comments, and says that IPv6 will be prefered by
default, and gives info how to reverse that that.

I've tried uncommenting and playing with stuff that according to docs should be 
defaults, like:

label ::1/128       0
label ::/0          1
label 2002::/16     2
label ::/96         3
label ::ffff:0:0/96 4
label fec0::/10     5
label fc00::/7      6
label 2001:0::/32   7
precedence  ::1/128       50
precedence  ::/0          40
precedence  2002::/16     30
precedence ::/96          20
precedence ::ffff:0:0/96  10

but it still does not work (even when documentation says that IPv6 DNS 
will be prefered by default unless that last line is changed to 
"precedence ::ffff:0:0/96 100")

By this point I'm getting out of my IPv6 depth. So I though I'd ask on the
list before delving into RFC 3484 and wasting time trying to debug the glibc
source to figure out what is going on...

Note of interest: on the same system, when aiccu (with SixXS) is installed
instead (without any other changes to the system, eg. the same gai.conf
etc), IPv6 works "correctly" (meaning as I want it -- DNS resolving first
giving IPv6 and IPv4 only if that fails).  Which is why I ask on this list.

Does anyone knows why aiccu and miredo behave differently, and more
importantly how to force miredo installtion to also prefer IPv6 to IPv4?

Thanks!

--

-- 
Opinions above are GNU-copylefted.

Feature-request: server-hook script

CERT vendor meeting co-located with RSA 2011 [INFO#384036] - miredo

Hello,

We're considering hosting a vendor meeting the week of Monday February
14 in San Fransicso, co-located with RSA 2011.

Before we make further arrangements, we'd appreciate an indication of
interest and availability.  The most likely time would be the afternoon
of Monday February 14.

Potential discussion topics include vulnerability discovery (fuzz
testing) and vulnerability coordination, management, and disclosure.

Please respond at your convenience, indicating your availability and any
suggestions for discussion topics.

Regards,

  - Art

             Art Manion  --  CERT Coordination Center
    <http://www.cert.org/>   <cert@...>   +1 412-268-7090
        79DA 4C07 0AE5 EB20 D641  3F80 67B1 5F29 72C3 3BD5

Routing problems to Sweden: P.S.

 I just tested it again, now it works. Anyway, it would be nice if you
could say where the problem was if possible. It wasn't working at least
for weeks.
Thanks,
Jens-Erik