On 3/13/2015 3:05 PM, Joe Touch wrote: > > > On 3/13/2015 2:51 PM, Christian Huitema wrote: ... >> Protecting against spoofed RST would be a very good thing indeed. >> But we want a solution that is robust in the presence of >> middle-boxes, and there is a generic issue there. ... >> Joe, do you have a design that solves that?
Actually, to be more direct: Don't use a NAT. when you're behind a NAT, you're beholden to how the NAT interacts with the Internet, and *you* are on a private communications system that is decidedly NOT the Internet. Joe _______________________________________________ Tcpinc mailing list [email protected] https://www.ietf.org/mailman/listinfo/tcpinc
