Iljitsch van Beijnum skrev:
On 5 aug 2008, at 16:09, Rémi Denis-Courmont wrote:
What's the difficulty with TCP? If I understand things correctly, once
you use a certain port as a source port number on the public side, a
behave-compliant NAT will forward incoming sessions towards that port
number to you. So the only thing the application has to do is figure
out what the address/port is that others see and not release the port
number and it's in business.
The passive side of the TCP connections can hardly be behind a NAT.
Isn't that the whole point of endpoint independent NATing?
To allow for it yes, but there is also the filtering behavior. NATs
doesn't allow traffic in unless you have sent to that address or even
address and port.
I first open a session with source port 10 and destination address X.
The NAT rewrites the source port into 93 and the source address into Y.
The server at X tells me values 93 and Y. I then start listening on port
10 and tell others to contact me on Y port 93.
Yes, then when someone is going to connect you need to be told by the
rendevous server that a client at address Z and port 4042 wants to
connect. Then you can send a TCP SYN to Z:4042 from your port 10. That
way the NAT opens for traffic. At the same time the client send to Y:93.
Now the NAT needs to understand that it actually should consider this a
simultaneous open situation.
Unfortunately I have to agree with Remi, for TCP and carrier NAT you
really like to have a whole punching protocol for listing sockets.
There are some NATs that makes semi-static bindings without filtering in
the NAT that makes what you suggest working for certain ports. So one
can also consider what the full implications are of NATs without
filtering rules.
Cheers
Magnus Westerlund
IETF Transport Area Director & TSVWG Chair
----------------------------------------------------------------------
Multimedia Technologies, Ericsson Research EAB/TVM
----------------------------------------------------------------------
Ericsson AB | Phone +46 8 4048287
Färögatan 6 | Fax +46 8 7575550
S-164 80 Stockholm, Sweden | mailto: [EMAIL PROTECTED]
----------------------------------------------------------------------
_______________________________________________
Int-area mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/int-area
