On Mar 23, 2009, at 14:39, Fred Baker wrote:
The more appropriate case, called for in RFC 4787, might be to recognize that this is about to happen and instead of changing the source address, change the destination address. This results in the target seeing a datagram from/to the ULA. One direction goes through the DMZ, but the replies are direct.
That can work for UDP, in those applications that don't care so much about source and destination addresses for matching session endpoints, but it doesn't work for connection-oriented transports, e.g. TCP, SCTP, DCCP, etc. For those transports, hairpinning requires the NAT to translate both the source and destination addresses.
-- james woodyatt <[email protected]> member of technical staff, communications engineering _______________________________________________ nat66 mailing list [email protected] https://www.ietf.org/mailman/listinfo/nat66
