> From: Colm Buckley [mailto:c...@tuatha.org]
> 
> There's nothing about P2P applications which requires an open firewall;

If you're behind a firewall, which blocks inbound unknown connections,
And I'm behind a firewall, which blocks inbound unknown connections,

Then how do you propose you and I can communicate p2p?  It's only possible
via techniques such as NAT traversal and STUN, which will only work on
braindead firewalls.  


> Yes, NAT could be useful to mask your internal
> network topology from the wild world web.
> 
> But there's a much better way to do that - RFC3041 privacy addresses.

RFC3041, first of all, is client-based.  It doesn't allow a sysadmin to mask
the internal network topology; it's up to all the internal clients to do it
voluntarily.

And second of all, that just means the clients' IP address will change.  It
doesn't mask the network topology.  If some outside person does a
traceroute, it will work perfectly well, identifying all the intermediate
routers necessary to reach your internal node.

The point of RFC3041 is not masking your network topology.  It's making your
laptop not uniquely identifiable or trackable.

Have you read it?  It doesn't sound like you have.

_______________________________________________
Discuss mailing list
Discuss@lopsa.org
http://lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
 http://lopsa.org/
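
Added example, not part of the original message: a sketch of the RFC 3041 section 3.2.1 interface-identifier rotation, showing that successive temporary addresses differ only in the low 64 bits while the /64 prefix seen from outside stays the same. The prefix, MAC address and fixed starting history value are constructed for illustration.

```python
import hashlib
import ipaddress

def eui64_from_mac(mac: str) -> bytes:
    """Stable modified EUI-64 interface identifier derived from a MAC address."""
    b = bytes.fromhex(mac.replace(":", ""))
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]

def next_temporary_iid(history: bytes, stable_iid: bytes):
    """One iteration of RFC 3041 section 3.2.1: MD5(history || stable IID)."""
    digest = hashlib.md5(history + stable_iid).digest()
    # Left 64 bits become the IID, with bit 6 (universal/local) cleared.
    iid = bytes([digest[0] & 0xFD]) + digest[1:8]
    # Right 64 bits are saved as the history value for the next iteration.
    return iid, digest[8:16]

def rotate(prefix: str, mac: str, history: bytes, count: int):
    """Return `count` successive temporary addresses inside `prefix`."""
    net = ipaddress.IPv6Network(prefix)
    stable = eui64_from_mac(mac)
    addrs = []
    for _ in range(count):
        iid, history = next_temporary_iid(history, stable)
        addrs.append(net[int.from_bytes(iid, "big")])
    return addrs

def visible_subnets(addrs):
    """The /64 networks an outside observer sees across all addresses."""
    return {ipaddress.IPv6Network((int(a) >> 64 << 64, 64)) for a in addrs}

if __name__ == "__main__":
    # Constructed inputs: documentation prefix, made-up MAC, fixed history
    # (a real host starts from a random history value).
    addrs = rotate("2001:db8:12:34::/64", "00:11:22:33:44:55", bytes(8), 4)
    for a in addrs:
        print(a)
    print("subnets seen from outside:", visible_subnets(addrs))
```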