[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: draft-huitema-v6ops-unmaneval-00.txt

To: Christian Huitema <huitema@windows.microsoft.com>
Subject: RE: draft-huitema-v6ops-unmaneval-00.txt
From: Pekka Savola <pekkas@netcore.fi>
Date: Sun, 16 Mar 2003 15:07:41 +0200 (EET)
Cc: Jun-ichiro itojun Hagino <itojun@iijlab.net>, <v6ops@ops.ietf.org>
In-reply-to: <DAC3FCB50E31C54987CD10797DA511BA1D2BEF@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com>

On Sat, 15 Mar 2003, Christian Huitema wrote:
> When it comes to traversing NAT, the issue is how to "come in", not how
> to "go out". AFAIK, teredo is the only solution that allows "self
> deploy" because it let UDP packets "come in". All the other solutions
> are variations on fixed tunnels, and thus require some form of contract
> between a user and a tunnel endpoint. 

By "coming in" you probably refer to "coming in without an explicit 
tunnel".

Not being to just "come in" could be considered a feature, too.

Especially if "coming in" doesn't work on any properly implemented
(=secure) NAT boxes.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings

References:
- RE: draft-huitema-v6ops-unmaneval-00.txt
  - From: "Christian Huitema" <huitema@windows.microsoft.com>

Prev by Date: Re: draft-savola-v6ops-firewalling-01.txt
Next by Date: huitema-v6ops-unmaneval-00 comments
Previous by thread: RE: draft-huitema-v6ops-unmaneval-00.txt
Next by thread: RE: draft-huitema-v6ops-unmaneval-00.txt
Index(es):
- Date
- Thread