Re: SIP with NAT traversal and STUN using NPF

To: tech-net%NetBSD.org@localhost
Subject: Re: SIP with NAT traversal and STUN using NPF
From: Mouse <mouse%Rodents-Montreal.ORG@localhost>
Date: Sat, 13 Jun 2026 21:29:54 -0400 (EDT)

> The docs are probably presuming you not having a stateful firewall.

Stateful on-path devices break the assumptions underlying IP and the
protocols layered atop it.  NAT breaks them worse.

That as many things come as close as they do to working anyway is a
testament to their robustness.  I sometimes think it would have been
better if things had completely broken when faced with stateful paths;
it would have put a stop to this nonsense before it could get
established.

</curmudgeon>

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse%rodents-montreal.org@localhost
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

References:
- SIP with NAT traversal and STUN using NPF
  - From: Martin Husemann
- Re: SIP with NAT traversal and STUN using NPF
  - From: Greg Troxel
- Re: SIP with NAT traversal and STUN using NPF
  - From: Martin Husemann
- Re: SIP with NAT traversal and STUN using NPF
  - From: Greg Troxel

Prev by Date: Re: SIP with NAT traversal and STUN using NPF
Previous by Thread: Re: SIP with NAT traversal and STUN using NPF
Indexes:

Home | Main Index | Thread Index | Old Index