What about users on cgnat? I know isp's in the far east that only offer cgnat and it's pot lock how you go out. ------Original Message------ From: Michael Brown Sender: NANOG To: Brandon Butterworth To: nanog@nanog.org To: dhubbard@dino.hostasaurus.com Subject: Re: Question re session hijacking in dual stack environments w/MacOS Sent: Sep 26, 2015 23:19 > Those site eventually learnt after much feedback not to assume on IPv4 address continuity. I could envision that those checks might now be relaxed to checking for address continuity in the same /24 for instance. But when you're seeing the same session being used from two wildly different places (in this case, IPv4 and IPv6) at the SAME TIME, that does seem rather suspicious in the absence of other information. M. Regards, Dovid