[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: NAT Traversal
Increasing SPI size is very bad idea. They are only as large as they are now because of IPv6 considerations for word/byte alignment. The SPI was originally called a SAID it that incarnation been the sole identifier for a security association (SA). The size need only be as large as the maximum number of SAs for a system
This seems like a very confused set of proposals for NAT that are randomly mutating fields in the hopes that by some sort of Darwinian process a better protocol will be created. The suggestions that the solution should be based on well defined scenarios would help to clarify this discussion.
Paul