>Ok.  I found a second ipv6 ftp site to test against and the symptoms
>are the same as ftp.netbsd.org.  This time I slapped ethereal on gif1
>(my ipv6 tunnel interface) so I would track all the ipv6 packets.
>
>Ftp started up and I saw the SYN/SYN-ACK/ACK exchange.  Then nothing
>for 60 seconds and I saw a FIN/ACK exchange (my side sending the fin).
>Ftp had just printed "421 Service not available [...]".  Then when I
>hit ^D a few seconds later and then saw a packet from the remote side
>containing "220-".  This was followed by an RST from my side and
>another packet from the remote side with "220- <hostname> welcome...".
>Then another identical RST was sent from my side.

	IPv6 reverse lookup with lame delegation maybe?  (it takes time)

	In my opinion it is unwise to use the existence of reverse lookup
	mapping as (sort of) authenticity.  i don't understand why many of the
	ftp servers do configured this way.

itojun