Jared Mauch wrote: > The workarounds we’ve been slowly moving to is shifting services to alternate > ports that aren’t damaged by these transparent and helpful devices. That is not a workaround, but the only proper solution, because, we can do nothing against behavior of ALGs unknown to users, operators or even manufactures of the ALG, other than avoiding the ALG. And it can be automated if browsers support SRV, a DNS RR type to specify non-default port numbers. That's what I proposed in a position paper for an IAB workshop of SEMI, but the paper was rejected with the following review comment: : SRV in particular may work to confound assumptions about ports along : the path, but many of the port-linked behaviors are under the control : of the server operators anyway, so it is hart to see how this on its : own would do much to restore end-to-endness. That is, IAB is actively rejecting the idea of alternate ports. Masataka Ohta