Some comments about draft-huitema-v6ops-teredo-02.txt: - correct spelling of IPSEC is IPsec (cf draft-ietf-ipsec-rfc2401bis-03.txt) - there is a "retricted" in 3.1 - to be complete the document should explain why it can't support symmetric NATs - IMHO section 3.1 should have a statement about multiple NATs - I don't believe the protocol works with NATs using global addresses on both sides (yes, this is a stupid way to use NATs but one can say that using NATs is already stupid :-) - a client can work only when it knows at least a server address. Obviously this can become an operational issue. I don't understand why there is nothing about an anycast IPv4 server address (i.e., the document should explain why this does/doesn't work). + (not editorial) 6to4 has the major drawback that it can give on the long term two IPv6 Internets, the native one and the 6to4 one. Teredo is carefully specified to avoid this issue. - last point is more serious: according to NAT classification stats (draft-jennings-midcom-stun-results-01.txt), many NATs are symmetrical but try to keep the source port so they behave as port restricted cone NATs *until* two internal clients try to use the same server... So perhaps in a common case Teredo just pretends to work? Thanks Francis.Dupont@xxxxxxxxxxxxxxxx _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf