REPLY: 2:5001/100.1 60e19d4e   
   MSGID: 2:5005/49 610ab0eb   
   CHRS: CP866 2   
   TZUTC: 0700   
   TID: hpt/fbsd 1.9.0-cur 2019-12-05   
   Dear Dmitry,   
      
   04 Jul 21 13:51, you wrote to me:   
      
    DP>>> For example - rerouting traffic via VPN to get thru RKN's DPI.   
    DP>>> Real life scenario :)   
      
    VS>> Why would you need NAT for that? Get a VPN/tunnel provider who   
    VS>> offers a global /64 or /56 or even a /48, like HE does.   
      
    DP> With he.net you'll loose access to local google caches and to local   
    DP> CDNs. With ipv4 I can forward only blocked subnetworks via VPN, with   
    DP> ipv6 and without NAT66 I can't do that.   
      
   Well, it's a valid point of course. The protocol designers are not required to   
   forsee the acts of malicious morons breaking the Internet intentionally. But   
   they could have provided for a simple failover mechanism.   
      
   OTOH, when I have to circumvent RKN, I prefer to start a new browser session   
   where all traffic goes via a VPN. Yes, I lose access to local google caches   
   and to local CDNs, but be it so.   
      
    DP>>> Yeah, but you can have "host" part the same for several uplinks   
    DP>>> and change prefix only on NPTv6 gateway. It's the best ipv6 can   
    DP>>> offer for you, sorry.   
      
    VS>> Too bad and a bit unexpected. There are/were rather complex   
    VS>> things like Mobile IPv6 and HMIP, and they have not thought of a   
    VS>> simple failover?   
      
    DP> Mobile IPV6 is an operator controlled tool to keep your IPv6 address   
    DP> intact. But you are asking for exactly the opposite solution - to   
    DP> change your IPv6 address.   
      
   Not exactly "to change my IPv6 address", but rather provide some simple   
   failover mechanism for multihomed IPv6 hosts. It has just come to my mind: if   
   those multihomed hosts ran some kind of routing protocol (OSPFv3 or a simple   
   equivalent thereof) there would be absolutely no problem selecting the working   
   gateway.   
      
    DP>>> It adds more complexity and cannot be implemented easily in   
    DP>>> userland across multiple OSes.   
      
    VS>> OK, let's start anew with a simple setup. If there are two   
    VS>> routers in a home LAN advertising different global prefixes, and   
    VS>> one of them goes offline, will IPv6 end hosts detect that and   
    VS>> remove the corresponding addresses from their configuration?   
      
    DP> Yes but you'll still have single routing table and timeout for client   
    DP> to remove dead ipv6 address from interface and routing table is large   
    DP> enough to be unacceptable for general use.   
      
   So, we need some simple routing protocol with keepalives, running both on end   
   hosts and the router?   
      
   Victor Sudakov, VAS4-RIPE, VAS47-RIPN   
   --- GoldED+/BSD 1.1.5-b20170303-b20170303   
    * Origin: Ulthar (2:5005/49)   
   SEEN-BY: 1/123 50/109 90/1 105/81 120/340 123/131 124/5016 154/10   
   SEEN-BY: 203/0 221/1 6 360 226/30 227/702 229/424 426 428 550 700   
   SEEN-BY: 229/1016 230/0 240/1120 5138 5411 5824 5832 5853 249/206   
   SEEN-BY: 249/317 400 280/464 5003 5006 5555 282/1038 292/854 8125   
   SEEN-BY: 301/1 310/31 317/3 320/219 322/757 335/364 342/200 423/81   
   SEEN-BY: 423/120 460/58 463/68 467/239 888 633/280 712/848 770/1 2452/250   
   SEEN-BY: 2454/119 4500/1 5000/111 5001/100 5005/49 53 5015/46 5020/545   
   SEEN-BY: 5020/715 830 846 1042 2047 2140 4441 5053/54 5058/104 5064/56   
   SEEN-BY: 5083/1 444   
   PATH: 5005/49 5020/1042 221/6 1 280/464 240/5832 229/426