nanog mailing list archives
Re: CGN fixed/hashed nat question
From: Simon Perreault <simon.perreault () viagenie ca>
Date: Wed, 23 Jan 2013 16:54:45 +0100
On 2013-01-23 16:37, William Herrin wrote:
NAT traversal using port prediction is a Worst Current Practice.
In fact, were someone to use those "worst current practices" to build some generic p2p VPN software, even old games could leverage it to allow someone behind a CGN to host.
Have a look at this: http://tools.ietf.org/html/draft-ietf-behave-lsn-requirements
These are the IETF's requirements for CGNs. The intent is to provide guidelines to vendors so that their CGNs can be as harmless as possible.
A CGN that obeys these requirements will allow NAT traversal by virtue of having an Endpoint-Independent Mapping behaviour. That is the BCP. Not port prediction.
Simon
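Added example, not part of the message above: a toy Python model of why an Endpoint-Independent Mapping makes port prediction unnecessary, since the external port a rendezvous server observes is the same one the NAT uses toward any other peer. The class, function names, addresses and port pool are constructed for illustration, the mapping terms follow RFC 4787, and filtering behaviour is not modelled.

```python
import itertools


class Nat:
    """Toy NAT mapping table (constructed model, not a real CGN implementation)."""

    def __init__(self, public_ip, endpoint_independent):
        self.public_ip = public_ip
        self.endpoint_independent = endpoint_independent
        self._ports = itertools.count(40000)  # constructed external port pool
        self._table = {}

    def translate(self, src, dst):
        """Return the external (ip, port) used for a packet from src to dst."""
        # Endpoint-Independent Mapping keys only on the internal endpoint.
        # The endpoint-dependent variant also keys on the destination, so
        # every new destination is given a fresh external port.
        key = src if self.endpoint_independent else (src, dst)
        if key not in self._table:
            self._table[key] = next(self._ports)
        return (self.public_ip, self._table[key])


def traversal_works(nat):
    """True if the address learned via a rendezvous server is also the one
    the NAT uses toward a different peer, so the peer can be told where to send."""
    host = ("10.0.0.5", 5000)              # subscriber behind the CGN (constructed)
    rendezvous = ("198.51.100.10", 3478)   # STUN-like server (constructed)
    peer = ("203.0.113.77", 6000)          # remote peer (constructed)
    advertised = nat.translate(host, rendezvous)
    actual = nat.translate(host, peer)
    return advertised == actual


if __name__ == "__main__":
    for eim in (True, False):
        nat = Nat("192.0.2.1", endpoint_independent=eim)
        label = "endpoint-independent" if eim else "endpoint-dependent"
        print(label, "mapping: advertised address reusable =", traversal_works(nat))
```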