Masataka Ohta wrote:
Martin Rex wrote:
According to your theory, a universal NAT traversal protocol
should already exists.
Correct. It is called the HTTP CONNECT method.
If, with your definition of "traversal", tunneling is a form
of traversal, tunneling by IPSEC is a standard firewall
traversal protocol and is much better than HTTP CONNECT
because of UDP.
Not quite. Tunneling needs matching configurations on both ends,
and that rarely works, in particular on a global scale with
peers you do not know a-priori.
In the general case you have only control (and can modify)
the behaviour of your endpoints and nearby middle boxes on your side
of the network, and the other side is either accessible or not.
Home DSL routers usually do NAT. For outgoing connections,
they're transparent. For incoming connections, it is either
possible to configure static mappings (external->internal)
or there might be some dynamic configurability through UPnP.
UDP included.
-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf