Le 2014-01-15 08:47, Ole Troan a écrit :
Simon,
A MAP CE receiving an IPv6 packet to its MAP IPv6 address sends this
packet to the CE's MAP function where it is decapsulated. All other
IPv6 traffic is forwarded as per the CE's IPv6 routing rules. The
resulting IPv4 packet is then forwarded to the CE's NAT44 function
where the destination port number MUST be checked against the
stateful port mapping session table and the destination port number
MUST be mapped to its original value.
The previous sentence should be reworded to allow static port forwarding.
hmm, what do you mean by static port forwarding?
For example, the user goes to the CPE's admin web interface and configures a
mapping from external port 80 to internal host port 80. That's a static mapping
that needs to be taken into account by the NAT function. The MUSTs above don't
seem to allow the necessary wiggle room.
correct. you cannot do that with A+P. the user looses control of the ports.
I don't see why.
Do we agree that PCP can be used with MAP to manipulate a CPE's mappings?
The fact that the CPE only has access to a limited external port set is of no
consequence. You still have a NAT, and we need to make sure its mappings can be
manipulated by the user.
yes, apologies being sloppy there. you can use PCP.
it may be of limited use, e.g. if your web server is trying to use PCP to open
port 80.
Yes of course. I'm more concerned about modern apps that don't rely on
well-known ports.
My point, concretely, is that the MUSTs above seem to preclude user
manipulation of the NAT mappings. I would suggest instead:
A MAP CE receiving an IPv6 packet to its MAP IPv6 address sends this
packet to the CE's MAP function where it is decapsulated. All other
IPv6 traffic is forwarded as per the CE's IPv6 routing rules. The
resulting IPv4 packet is then forwarded to the CE's NAT44 function,
where it is handled according to the NAT's state.
Simon
--
DTN made easy, lean, and smart --> http://postellation.viagenie.ca
NAT64/DNS64 open-source --> http://ecdysis.viagenie.ca
STUN/TURN server --> http://numb.viagenie.ca
_______________________________________________
Softwires mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/softwires
