--YZ5djTAD1cGYuMQK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Just a remark:

On Sun, Apr 03, 2005 at 12:37:02PM +0200, Hubert Feyrer wrote:

> Looking at Toredo[1] it seemt to tunnel the v6 pkgs similar to 6to4, but=
=20
> uses a NAT-friendlier encapsulation (v4 UDP instead of some non-IP=20
> protocol, that's unlikely to be handled by NAT).

both 6to4 and fixed IPv6 in IPv4 tunnels use IP protocols... just neither
TCP nor UDP.

NAT/PT is breaking the design of IP, by changing IP's payload (and the
header), which leads to all those problems. NAT/PT is a generalized
application gateway (and the existing implementations are working fine
for this), but it is only an application gateway.

Unless the hardware is deployed already, the less hacky solution would be
to get an el cheapo embedded 486/586/arm box, add some NetBSD, ipf for the
NATing, and whatever IPv6 tunnel endpoint you need, and be done with it.

Alas, I understand David's NAT boxen are already installed at his customers'
sites.

Regards,
	-is

--YZ5djTAD1cGYuMQK
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)

iD8DBQFCT8sxN4tiz3B8hB0RAs8PAKDZzaEcuEqjoZNk7+PmCQ/J3AsE9QCgt6Q8
iH+TaPYkYYrHEL0pY0FtMAQ=
=ktAe
-----END PGP SIGNATURE-----

--YZ5djTAD1cGYuMQK--