Re: Last Call: 'Teredo: Tunneling IPv6 over UDP through NATs' to Proposed Standard

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Some comments about draft-huitema-v6ops-teredo-02.txt:
 - correct spelling of IPSEC is IPsec (cf draft-ietf-ipsec-rfc2401bis-03.txt)
 - there is a "retricted" in 3.1
 - to be complete the document should explain why it can't support
   symmetric NATs
 - IMHO section 3.1 should have a statement about multiple NATs
 - I don't believe the protocol works with NATs using global addresses
   on both sides (yes, this is a stupid way to use NATs but one can say
   that using NATs is already stupid :-)
 - a client can work only when it knows at least a server address.
   Obviously this can become an operational issue. I don't understand
   why there is nothing about an anycast IPv4 server address (i.e.,
   the document should explain why this does/doesn't work).
 + (not editorial) 6to4 has the major drawback that it can give on
   the long term two IPv6 Internets, the native one and the 6to4 one.
   Teredo is carefully specified to avoid this issue.
 - last point is more serious: according to NAT classification stats
   (draft-jennings-midcom-stun-results-01.txt), many NATs are symmetrical
   but try to keep the source port so they behave as port restricted
   cone NATs *until* two internal clients try to use the same server...
   So perhaps in a common case Teredo just pretends to work?

Thanks

Francis.Dupont@xxxxxxxxxxxxxxxx

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]