RE: [Algorithms] UDP Network connectivity
Brought to you by:
vexxed72
From: Kevin J. <ke...@co...> - 2004-10-29 21:21:20
|
What does it do to address firewalls? -----Original Message----- From: gda...@li... [mailto:gda...@li...] On Behalf Of Robert Blanchet Sent: Friday, October 29, 2004 1:26 PM To: gda...@li... Subject: Re: [Algorithms] UDP Network connectivity This sounds like a plug but I recommend checking out TNL. It can be found here: www.opentnl.org Its a fairly sophisticated network library designed for video games. It's an improved tech of what was in the Tribes 1 and Tribes 2 games. But it deals with the firewall issues really well, among other really interesting network problems. On Wed, 27 Oct 2004 09:55:01 -0700, Jon Watte <hp...@mi...> wrote: >=20 > > - Cone-NAT (which shouldn't exist in my opinion) >=20 > Cone NAT is The Right Choice, if they don't just accept any old packet > on a port, but accept specifically packets only from people they've=20 > sent data to. >=20 > In effect, this is like a symmetric (four-tuple NAT), with the special > rule that it always re-uses the same outside port number for the same=20 > inside IP/port. This is, in fact, the most reasonable and compliant=20 > thing to do. In the absence of NAT, sending to destination A, and then > sending to destination B from the same socket, ends up with the same=20 > source port and IP. With the insertion of NAT, that should still hold=20 > true -- except the source port and IP may be translated (as a unit). >=20 > The security benefit is had by still keeping the table of whom you=20 > have actually sent to, and rejecting packets returning from=20 > destinations other than those you've already sent to. >=20 > The business of re-allocating a new port for each new tuple, even when > the originating port was the same from the inside, is what's really=20 > Wrong and Broken. In my opinion, of course :-) >=20 > Cheers, >=20 > / h+ >=20 >=20 >=20 >=20 > ------------------------------------------------------- > This SF.Net email is sponsored by: > Sybase ASE Linux Express Edition - download now for FREE LinuxWorld=20 > Reader's Choice Award Winner for best database on Linux.=20 > http://ads.osdn.com/?ad_id=3D5588&alloc_id=3D12065&op=3Dclick > _______________________________________________ > GDAlgorithms-list mailing list GDA...@li... > https://lists.sourceforge.net/lists/listinfo/gdalgorithms-list > Archives: > http://sourceforge.net/mailarchive/forum.php?forum_id=3D6188 >=20 --=20 -- Robert D. Blanchet ------------------------------------------------------- This SF.Net email is sponsored by: Sybase ASE Linux Express Edition - download now for FREE LinuxWorld Reader's Choice Award Winner for best database on Linux. http://ads.osdn.com/?ad_id=3D5588&alloc_id=3D12065&op=3Dclick _______________________________________________ GDAlgorithms-list mailing list GDA...@li... https://lists.sourceforge.net/lists/listinfo/gdalgorithms-list Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=3D6188 |