[HECnet] UDP tunnelling over SSH - Solution for people dynamic IP addresses?

Came across this whilst looking for some SSH stuff and realized this could be used to either securely transmit HECnet data between two hosts or enable a host with a dynamic IP to run the bridge/MULTINET UDP thing: http://24.97.150.195/nstwiki/index.php/Tunnelling_UDP_Traffic_Through_An_SS… Basically, they use a combination of SSH port forwarding (which is TCP only) and nc to create a secure UDP tunnel between two sites. Setting this up would be trivial on a standard Unix box and if we use public key authentication we don't even need to store passwords anywhere. Also, we would of course benefit from the authentication and cryptographic features that SSH brings to the table. The main disadvantage I can see is that SSH runs over TCP so any dropped packets might cause more delays than using straight UDP. Sampsa