>
> On 24 Nov 1994, Michael Richardson wrote:
> > From what I understand of the way that the mbone tunnels multicast
> > data through unicast routers, it should be possible to get mbone
> > traffic into your protected network if you can get a virtual circuit
> > between inside, and some mbone machine outside.
>
> I've done this. Somewhere in the Firewalls archive you should find the
> text I wrote about it after the topic was brought up in one of the
> Firewalls BOFs.
>
> > Does mbone tunnelling encapsulate in UDP or TCP? I would assume the
> > former since it would be more efficient, but if TCP encapsulation
> > is implemented, then something like "proxy-telnet" (or equivalent),
> > should be able to provide the required virtual circuit.
>
> It's IP-within-IP (protocol 9, I believe).
Protocols 2 (igmp) & 4 are what I see on my tunnels.
I'm not sure that a proxy service, but worth a try :)
References:
|
|
