Some comments about draft-huitema-v6ops-teredo-02.txt:
- correct spelling of IPSEC is IPsec (cf draft-ietf-ipsec-rfc2401bis-03.txt)
- there is a "retricted" in 3.1
- to be complete the document should explain why it can't support
symmetric NATs
- IMHO section 3.1 should have a statement about multiple NATs
- I don't believe the protocol works with NATs using global addresses
on both sides (yes, this is a stupid way to use NATs but one can say
that using NATs is already stupid :-)
- a client can work only when it knows at least a server address.
Obviously this can become an operational issue. I don't understand
why there is nothing about an anycast IPv4 server address (i.e.,
the document should explain why this does/doesn't work).
+ (not editorial) 6to4 has the major drawback that it can give on
the long term two IPv6 Internets, the native one and the 6to4 one.
Teredo is carefully specified to avoid this issue.
- last point is more serious: according to NAT classification stats
(draft-jennings-midcom-stun-results-01.txt), many NATs are symmetrical
but try to keep the source port so they behave as port restricted
cone NATs *until* two internal clients try to use the same server...
So perhaps in a common case Teredo just pretends to work?
Thanks
Francis(_dot_)Dupont(_at_)enst-bretagne(_dot_)fr
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf