[VOIPSEC] IPv6 and the demise (or not) of NAT (was Re: Interactive Connectivity Establishment (ICE))
Randell Jesup
rjesup at wgate.com
Tue Nov 15 12:53:10 CST 2005
"Dan Wing" <dwing at cisco.com> writes:
>> > Another big problem with UPnP is the double-nat problem.
>> >Put a device behind two UPnP NATs and you can't open a port
>> >through both.
>> >With STUN/etc, you can open ports through any number of NATs.
>>
>> Except if one of those NAT's is symmetric (which is 90% of
>> all routers are) then it maybe broke.
>
>draft-jennings-behave-test-results,
><http://www.ietf.org/internet-drafts/draft-jennings-behave-test-results-01.t
>xt>, shows test results of a couple dozen NATs. Only one NAT was found to
>be symmetric.
>
>Do you have other data to share?
That data is mostly from 2002/2003 NATs, and the newer testing
is almost all "odd" routers (not from the major players in the retail
market: Netgear, DLink, Linksys, Belkin, etc) - and the two main retail
routers there (Netgear 814v2 and Linksys BEFSR81) aren't new.
It's nowhere near 90%, or even 50% - but the number (especially in
"popular" routers) is climbing. The Netgear WGR614 (not the RP614 in the
draft) is symmetric in all of the recent variations (v4/v5/v6), for example.
v2 was Cone I think.
--
Randell Jesup, Worldgate (developers of the Ojo videophone), ex-Amiga OS team
rjesup at wgate.com
More information about the Voipsec
mailing list