>We could make it stricter of course, by not accepting even others
>to initiate new connections. However, I believe this might be bad for
>some protocols. Say, you are doing an FTP mget * from node X, which decides
>to get a new RFC 3041 address in the middle of things. If I remember
>correctly, FTP uses a new TCP session for each new file. Your FTP
>session would not proceed if you refused to accept a new TCP session.
these days FTP client/server implementations are picky about endpoint
address, and we need to use the same address pair for control and
data connection (to avoid FTP bounce attack). therefore, FTP client
side shouldn't use temporary address for the control connection.
(apparently, server side shouldn't)
itojun
--------------------------------------------------------------------
IETF IPng Working Group Mailing List
IPng Home Page: http://playground.sun.com/ipng
FTP archive: ftp://playground.sun.com/pub/ipng
Direct all administrative requests to [EMAIL PROTECTED]
--------------------------------------------------------------------
