2012/3/14, Francis Dupont <francis.dup...@fdupont.fr>: > In your previous mail you wrote: > >> (*) Question 1: It is not clear in text if there is a second NAT >> in the AFTR or not. Could you please confirm/infirm a second NAT >> is present? > > => there is one but: > - it translates only port numbers following an algorithm > > - the NAT is not strictly required: one can imagine to assign > directly to a CPE its port range as it is visible from the Internet > (note: 1- it should be not what we want as it makes CPEs trivial > to track, 2- it doesn't remove the mandatory check on source ports > in the from CPE to the Internet way) > >> (*) Question 2: If yes, is there any reason why you want to >> maintain that second NAT? > > => I can see at least 2 reasons: > - make CPE simplers (only applications which need to know what is a port > number seen from the Internet side have to enter into the second NAT > details, i.e., typically the PCP (/UPnP iGD/NAT-PMP/...) server on the > CPE)
However, the draft seems give people impression there is only one NAT at CPE(i.e. 2.3. Stateless DS-Lite CPE operation) and AFTR is responsible for decapsulation and IPv4 package validation. Did I miss something? BRs Gang _______________________________________________ Softwires mailing list Softwires@ietf.org https://www.ietf.org/mailman/listinfo/softwires
