On 8/20/2014 11:56 PM, Valery Smyslov wrote:
Hi,
I have some concerns regarding using of tcpinc
with those protocols, that transfer network information inside
application PDU.
Most notable of such protocols is FTP,
which transfers IP address and port for
data connection inside control connection.
Thus, when FTP is used with NAT the NAT must inspect content of control
connection, and if PORT command (or reply to PASV command) is found, it
must modify the address and port
accordingly (and must prepare new NAT mapping)
for the requested data connection to be able to be created.
The tcpinc charter states that:
- It should work over the vast majority of paths that unmodified TCP
works over, in particular it must be compatible with NATs (at the very
minimum with the NATs that comply with BEHAVE requirements as
documented in RFC4787, RFC5382 and RFC5508).
- The protocol must be usable by unmodified applications.[...]
I doubt we should assume a solution beyond that which is already widely
used in when encryption is combined with NATs - e.g., passive FTP.
Joe
_______________________________________________
Tcpinc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/tcpinc
