[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Enterprise scenario text proposal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Dave Thaler wrote:
<SNIP>
> 4.2 Mechanisms Evaluation
>
> One should note that we are not evaluating the specific version of
> the specification, but rather the mechanism in a more generic sense
> ("which features could this mechanism easily be made to work with?").
>
>
> +++++
> NAT-T Direct ISP Secure Simple Low Impl.
> Depl. Mcast
> Overhead
> Teredo Y Y N Y N N R Y N
> ISATAP N Y@ Y N/R R Y Y R? N
> TSP Y N Y? Y R N R R? Y?
> STEP Y N Y Y Y/R Y N N Y?
> + L2TP Y N Y Y N N Y Y Y
> + 6to4 N Y N N Y Y Y Y N
> + 6over4 N Y Y R Y Y Y R Y
In cases of TSP and STEP I don't think these should be listed here, as
these two are configuration methods, while Teredo/isatap/l2tp/6to4/6over4
are protocols that go over the link after being configured by such a method.
TSP can do 6over4, but also 6inudp4 or whatever it is called and it can
be used to configure a machine to setup a l2tp connection and some
others, depending on the availability of a protocol.
When TSP uses 6over4 as a protocol it thus doesn't support NAT-T.
Also 6over4 is spoofable when one is able to spoof IPv4 packets.
Eg mentioned by the following, but I guess that is why it is 'R' ;)
http://www.ripe.net/ripe/meetings/ripe-47/presentations/ripe47-ipv6-tunnel-disco.pdf
Simplicity of 6over4 depends on the configuration method and or
knowledge of the person setting it up or is it meant as
'simplicity of the protocol' ?
There are also at least two seperate Teredo implementations but
I guess you are more aware of those ;)
TSP and STEP thus can do Multicast depending on the protocol it uses.
Greets,
Jeroen
-----BEGIN PGP SIGNATURE-----
Version: Unfix PGP for Outlook
Comment: Jeroen Massar / http://unfix.org/~jeroen/
iQBGBAERAgAQCRApqihSMz58IwUCQFrLvgAA74UAoJwAYobVb2ST59w04uUbrHom
ENukAJ4932rV8w+VRjnlv3QYCm5AGStzrw==
=F7WQ
-----END PGP SIGNATURE-----