> Since KAME version of ftp/ftpd was merged, ftp speaks EPSV/EPRT as
> default not only IPv6 but also IPv4. Currently, existing natd is not
> recognize EPRT. So, NAT user may be confuse. Please examine
> bin/14305.
Wmmm, I actually enabled it, but it is causing problems, so
should EPSV only allowed for IPv6 at least for several
starting 4.x releases? (About EPRT, initiating client retry
PORT command next if EPRT failes, so trying EPRT first will be
OK.)
As RFC2428(FTP Extensions for IPv6 and NATs), EPSV can be used
for IPv4 and IPv6 and it has performance benefit for firewall
and NAT, because it doesn't include an IP address in its
command, so firewall and NAT doesn't need to translate them.
And there is also a chicken and egg issue, because if usual
ftp clients don't try EPSV first, then usuall firewall and NAT
don't notice the necessity of supporting EPSV.
But now passive is used by default, and not many firewall and
NAT support it yet, so many user will be upset that they can't
connect to some of ftp servers.
So if no other better suggestion, I think I'll get permission
to fix 4.0 ftp client to try EPSV only for IPv6.
Yoshinobu Inoue
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
