Re: CPE equipments and stateful filters

[Rémi Denis-Courmont <rdenis@simphalempin.com>]

On Tuesday 24 July 2007 20:52:42 Iljitsch van Beijnum wrote:
> On 24-jul-2007, at 11:31, Rémi Denis-Courmont wrote:
> > By the way, to amend James's slideset, only UDP really works with
> > ICE (or any
> > form of hole punching), while TCP works to a very-lesser extent, and
> > everything else does not: DCCP, SCTP, IPsec...
>
> Why?
>
> An important issue about the hole punching is the shape of the hole.
> If the hole has the shape of a particular transport session, you're
> not accomplishing much because you still can't receive arbitrary
> incoming sessions.

Yes, that still sucks. But if you have BEHAVE-TCP support, you can at least do 
TCP simultaneous open (forget about DCCP and SCTP though), provided you have 
an out-of-band signaling mechanism.

Without BEHAVE-TCP, you cannot do home-to-home at all, and you have to invent 
your own crappy[1] protocol on top of UDP.

[1] At least, *I* am not capable of reinventing something nearly as good as 
TCP or DCCP by myself.
-- 
Rémi Denis-Courmont