On Sun, 14 Feb 2010, Randy Bush wrote:
ssh tunnels to IP address i am often on funky networks in funky places. e.g. the wireless in changi really sucked friday night. if i ssh tunneled, it would multiply the suckiness as tcp would have puked at the loss rate. smb whacked me that i should use non-tcp tunnels.
Their network, their rules; your network, your rules; my network, my rules. If you visit lots of funky places, its probably time to learn about tunnelling protocols. If you don't like their network rules, tunnel to a different network with rules you prefer. Ports 80/443 seem to work as the universal tunnelling ports, along with SSH, VPN, PPTP, IPnIP/IPSEC, etc. Sometimes proxy-tunnel software which encapsulates packets inside HTTP works. AOL and SKYPE seem to successfully tunnel through a lot of stuff. Of course, if you are on a network which doesn't want allow tunnels, e.g. an internal enterprise network, you may not want to do that. Per-application stuff work sometimes (DNSSEC/TSIG-forwarders, HTTPS, etc), but when allowed I immediately create a tunnel and don't spend time debugging local networks. Some people always use tunnels even when using networks such as the NANOG or IETF conference networks.