[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: I-D ACTION:draft-ietf-ipsec-udp-encaps-00.txt



> > Yes there is: get rid of the NAT :-)
> > 
> > For what it's worth, it seems like the impact on the network of the
> > NAT-keepalives could be reduced by sending them with a reduced IP TTL
> > (so that they die just beyond the last NAT being traversed).
> > Unfortunately there doesn't seem to be an easy way to figure out what
> > that TTL should be..
> 
> Doesn't it, then, mean that the router (where the TTL hits zero)
> would react and send back an ICMP? What are we trying to solve
> with reducing the TTL?

We're trying to send the NAT-keepalives only as far as the NAT, so
they don't consume bandwidth beyond the NAT, reducing the impact on
the network outside the NAT.

					- Bill


References: