
Re: Opportunistic Tunneling



-- Tuesday, February 24, 2004 08:34:00 +0200 Pekka Savola
<pekkas@netcore.fi> wrote/a ecrit:

> On Mon, 23 Feb 2004, Marc Blanchet wrote:
>> TSP does nat traversal and does not have the same security concerns as
>> teredo.
>> 
>> in the anonymous mode of TSP, TSP is as automatic/opportunistic as
>> teredo/6to4/isatap. all of them require the prior (static) knowledge of
>> an IPv4 address. Most of them may have some ways to get the nearest/best
>> service, based on some techniques.
> 
> I think there is something in the "opportunistic" vs "tunnel service"  
> distinction that I haven't been able to make clear.
> 
> TSP requires that ISPs set up tunnel servers and tunnel brokers.  
> 6to4 

6to4 client needs a relay.
Teredo client needs both servers and relays.
they both have the property of having asymmetric routing.
TSP needs a broker/server. Broker can assign tunnels to the nearest tunnel
server.

TSP configures static tunnels. static tunnels have much less/no issues
regarding security in relays and open transits.

6to4 and teredo need relays that are open for transit traffic. The client
relies on the reliability and the overall performance of those for their
traffic. However, neither the client nor the provider of the client is able
to control these. So, user experience might be/is terrible.

TSP gives you a production address, not bound to the IPv4 address you have
(temporarily). It also does not expose the NAT mapping in the IPv6 address.
If the node moves to a new subnet, the IPv4 address changes, so the IPv6
address. 

> and Teredo don't.  (Teredo server doesn't pass through traffic so
> a couple may be enough.)  6to4 works automatically between other 6to4
> nodes; TSP does not.  Teredo works automatically between Teredo nodes
> after the server has been contacted to get the public IPv6 address.

not quite that simple. Teredo relays are used a lot. see all the
interactions between the nodes. Teredo does not cross symmetric NATs, while
TSP does. If the node is moving to different points of attachment and one
of them is behind a symmetric NAT, no service with Teredo.

> 
> This is the distinction I tried to make with "Opportunistic Tunneling" 
> vs "3GPP UE Tunneling, Unmanaged tunnel service".
> 
> The tunnel broker set-up, even in anonymous mode, could possibly be 
> pretty straightforward, but nowhere near the same as 6to4.

why? small piece of code. only need one IPv4 address. that is. both same
level of "straightforwardness".

> (Which 
> works even with relays between 6to4 nodes.)
> 
> -- 
> Pekka Savola                 "You each name yourselves king, yet the
> Netcore Oy                    kingdom bleeds."
> Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
> 
> 
> 



------------------------------------------
Marc Blanchet
Hexago
tel: +1-418-266-5533x225
------------------------------------------
http://www.freenet6.net: IPv6 connectivity
------------------------------------------
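
The point above about the IPv6 address being bound to the IPv4 address and exposing the NAT mapping can be seen by decoding the addresses themselves. The following is an added example, not part of the original message: it assumes the 6to4 prefix 2002::/16 (RFC 3056) and the Teredo address layout and 2001::/32 prefix later published in RFC 4380, and the sample addresses are constructed from documentation ranges.

```python
import ipaddress

SIXTOFOUR = ipaddress.ip_network("2002::/16")  # RFC 3056 prefix
TEREDO = ipaddress.ip_network("2001::/32")     # RFC 4380 prefix (assumed layout)


def embedded_ipv4_info(text):
    """Return the IPv4-side details that a tunnel-derived IPv6 address reveals."""
    addr = ipaddress.IPv6Address(text)
    raw = int(addr)

    if addr in SIXTOFOUR:
        # 2002:V4ADDR::/48 - the 32 bits after the prefix are the public IPv4.
        v4 = ipaddress.IPv4Address((raw >> 80) & 0xFFFFFFFF)
        return {"mechanism": "6to4", "client_ipv4": str(v4)}

    if addr in TEREDO:
        # prefix(32) | server IPv4(32) | flags(16) | port^0xFFFF(16) | client^0xFFFFFFFF(32)
        server = ipaddress.IPv4Address((raw >> 64) & 0xFFFFFFFF)
        flags = (raw >> 48) & 0xFFFF
        port = ((raw >> 32) & 0xFFFF) ^ 0xFFFF
        client = ipaddress.IPv4Address((raw & 0xFFFFFFFF) ^ 0xFFFFFFFF)
        return {
            "mechanism": "teredo",
            "server_ipv4": str(server),
            "cone_nat": bool(flags & 0x8000),  # cone bit as defined in RFC 4380
            "nat_mapped_port": port,
            "client_ipv4": str(client),
        }

    # Statically assigned prefixes (e.g. from a tunnel broker) carry no such fields.
    return {"mechanism": None}


if __name__ == "__main__":
    # Constructed sample addresses (documentation ranges only).
    for sample in ("2002:c000:022d::1",
                   "2001:0:c633:6401:8000:63bf:3fff:fdd2",
                   "2001:db8:1234::1"):
        print(sample, "->", embedded_ipv4_info(sample))
```

Applied to flow logs or web server logs, the same decoding shows which IPv4 endpoints and NAT mappings are visible to any peer that sees the IPv6 source address.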