> > Just because it's almost newyear, and I have seen The Light... (or > > was that just an illusion?) > > > > Some thoughts about the new proposed features, concerning: > > > > - multiplexing the data streams, error stream, index stream, over > > one TCP connection (this would make passing firewalls and NAT so > > much easier and safer) > > Yes. Multiplexing the data streams/error stream/index stream over one > connection is a good idea. Kevin Till has done some investigation in > this area. I hope he will comment on this.
The Kerberos 5 implementation in 2.5.0 actually does all this over one tcp connection right now. There is a minor protocol issue that needs to be corrected (that causes amandad to timeout at the end, rather than properly end a session, but it's also there under udp-based connections today, so less of a big deal). -Todd
