Abstract
The subtle way in which the IPv6 and IPv4 protocols coexist in
typical networks, together with the lack of proper IPv6 support in
popular Virtual Private Network (VPN) tunnel products, may
inadvertently result in VPN tunnel traffic leakages. That is,
traffic meant to be transferred over an encrypted and integrity-
protected VPN tunnel may leak out of such a tunnel and be sent in the
clear on the local network towards the final destination. This
document discusses some scenarios in which such VPN tunnel traffic
leakages may occur as a result of employing IPv6-unaware VPN
software. Additionally, this document offers possible mitigations
for this issue.
The subtle way in which the IPv6 and IPv4 protocols coexist in
typical networks, together with the lack of proper IPv6 support in
popular Virtual Private Network (VPN) tunnel products, may
inadvertently result in VPN tunnel traffic leakages. That is,
traffic meant to be transferred over an encrypted and integrity-
protected VPN tunnel may leak out of such a tunnel and be sent in the
clear on the local network towards the final destination. This
document discusses some scenarios in which such VPN tunnel traffic
leakages may occur as a result of employing IPv6-unaware VPN
software. Additionally, this document offers possible mitigations
for this issue.
more here...........https://www.rfc-editor.org/rfc/rfc7359.txt