Why Do I Need Two IP Public IP Addresses for DirectAccess



tshinder -> Why Do I Need Two IP Public IP Addresses for DirectAccess (11.Mar.2010 9:34:30 AM)

I hear a lot of people ask why you need two public IP addresses to support DirectAccess.

The reason for this is that in order for Teredo to determine what type of NAT device the DA client is behind, it needs two public addresses on the Teredo server. Note that this is not required for the 6to4 and IP-HTTPS DA clients.

Teredo is the most common DA client configuration, with IP-HTTPS being far behind as the second most common configuration. In addition, IP-HTTPS doesn't perform nearly as well as Teredo, so you want to make sure you support Teredo as often as you can.

Thought you'd like to know :)

HTH,
Tom




Jason Jones -> RE: Why Do I Need Two IP Public IP Addresses for DirectAccess (11.Mar.2010 10:29:44 AM)

Answering your own questions now??? [:D]




richardhicks -> RE: Why Do I Need Two IP Public IP Addresses for DirectAccess (11.Mar.2010 11:40:28 AM)

He talks to himself a lot, Jason. [;)]




richardhicks -> RE: Why Do I Need Two IP Public IP Addresses for DirectAccess (11.Mar.2010 12:03:23 PM)

So why the requirement for consecutive IP addresses?




tshinder -> RE: Why Do I Need Two IP Public IP Addresses for DirectAccess (12.Mar.2010 7:58:42 PM)

Hey, if no one else is going to ask questions, someone is going to have to pick up the ball.

The two consecutive IP addresses requirement isn't in the RFC, but the Windows 7 client expects it. Why? I wasn't at that meeting :)

The second address is used to determine the type of NAT the client is behind. For the details, check out RFC 4380 at http://www.rfc-editor.org/rfc/rfc4380.txt

HTH,
Tom
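
The NAT-type check referred to above, as an added example that is not part of the original posts: a small Python simulation of the RFC 4380 qualification procedure, showing why the server needs a second address. The `Nat` model, the documentation-range addresses and the `primary + 1` derivation of the second address (taken from the thread's statement that the Windows 7 client expects consecutive addresses) are assumptions made for illustration.

```python
import ipaddress

class Nat:
    """Constructed model of a client-side NAT: cone, restricted, symmetric or blocked."""
    def __init__(self, kind, public_ip="198.51.100.7"):
        self.kind, self.public_ip = kind, public_ip
        self.contacted = set()   # remote addresses the client has sent to
        self.ports = {}          # remote address -> external port (symmetric only)

    def send(self, dst):
        """Client sends UDP to dst; return the (address, port) mapping dst observes."""
        self.contacted.add(dst)
        if self.kind == "symmetric":      # fresh external port per destination
            port = self.ports.setdefault(dst, 40000 + len(self.ports))
        else:                             # one mapping reused for every destination
            port = 40000
        return (self.public_ip, port)

    def accepts(self, src):
        """Would an inbound reply from src reach the client?"""
        if self.kind == "blocked":        # UDP filtered entirely
            return False
        return self.kind == "cone" or src in self.contacted

def qualify(nat, server_primary):
    """Classify the NAT following the steps of RFC 4380's qualification procedure."""
    primary = ipaddress.IPv4Address(server_primary)
    secondary = primary + 1   # assumption from the thread: consecutive addresses
    # 1. RS with the cone flag set goes to the primary; the server answers from
    #    its secondary address, which only a cone NAT lets through.
    nat.send(primary)
    if nat.accepts(secondary):
        return "cone"
    # 2. RS with the cone flag clear; the server answers from the address it was sent to.
    first = nat.send(primary)
    if not nat.accepts(primary):
        return "offline"
    # 3. Same RS to the secondary; compare the mapped address/port each reply reports.
    second = nat.send(secondary)
    return "restricted" if first == second else "symmetric"

if __name__ == "__main__":
    for kind in ("cone", "restricted", "symmetric", "blocked"):
        print(kind, "->", qualify(Nat(kind), "203.0.113.10"))
```

With a single server address, step 1 could not separate cone from restricted NAT and step 3 could not expose a symmetric NAT's per-destination port mapping.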




richardhicks -> RE: Why Do I Need Two IP Public IP Addresses for DirectAccess (12.Mar.2010 8:04:42 PM)

Oh yes, I get that the second IP address is to determine what type of NAT the system is behind (I was at that meeting!) but I was always confused as to why it had to be consecutive. I don't expect this to be a problem for most organizations, although it might be for some. I'd think that if you, as the administrator, could specify which two IP addresses you wanted to use that would suffice.




tshinder -> RE: Why Do I Need Two IP Public IP Addresses for DirectAccess (13.Mar.2010 10:11:53 AM)

That's a good point. While for some people using two consecutive addresses isn't a problem, I can see how it might be easier for a lot of people if they could just use any two addresses.

I'll see if I can find out why the Windows 7 team decided that the client should look for two consecutive addresses, instead of any two addresses.

Thanks!
Tom



