[159825] in North American Network Operators' Group


Re: CGN fixed/hashed nat question

daemon@ATHENA.MIT.EDU (Simon Perreault)
Wed Jan 23 10:54:13 2013

Date: Wed, 23 Jan 2013 16:54:45 +0100
From: Simon Perreault <simon.perreault@viagenie.ca>
To: William Herrin <bill@herrin.us>
In-Reply-To: <CAP-guGUpjFQ=AFkD1sk_U-s2HbDWouLpiDbS6EMaUocY-A0RqQ@mail.gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On 2013-01-23 16:37, William Herrin wrote:
>> NAT traversal using port prediction is a Worst Current Practice.
>
> In fact, were someone to use those "worst current practices" to build
> some generic p2p VPN software, even old games could leverage it to
> allow someone behind a CGN to host.

Have a look at this:
http://tools.ietf.org/html/draft-ietf-behave-lsn-requirements

These are the IETF's requirements for CGNs. The intent is to provide 
guidelines to vendors so that their CGNs can be as harmless as possible.

A CGN that obeys these requirements will allow NAT traversal by virtue 
of having an Endpoint-Independent Mapping behaviour. That is the BCP. 
Not port prediction.

Simon
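
[Added example, not part of the original message.] A toy model of the mapping behaviour the reply refers to, using RFC 4787 terminology: with Endpoint-Independent Mapping the external port a rendezvous server observes is the same one a peer will see, so nothing has to be predicted. The `ToyNat` class, its port allocator and all addresses are constructed for illustration and do not model any vendor's CGN.

```python
# Toy NAT mapping model; class, function names and addresses are constructed.
from itertools import count


class ToyNat:
    """Allocates external ports for outbound UDP flows."""

    def __init__(self, external_ip, endpoint_independent, first_port=40000):
        self.external_ip = external_ip
        self.endpoint_independent = endpoint_independent
        self._ports = count(first_port)
        self._table = {}

    def map_outbound(self, src, dst):
        """Return the (external_ip, external_port) used for src -> dst."""
        # EIM keys the mapping on the internal endpoint only.
        # Address-and-port-dependent mapping also keys on the destination,
        # so every new destination gets a fresh external port.
        key = src if self.endpoint_independent else (src, dst)
        if key not in self._table:
            self._table[key] = next(self._ports)
        return (self.external_ip, self._table[key])


def mapping_learned_is_reusable(nat):
    """True if the mapping a rendezvous server observes is the one a peer sees."""
    host = ("100.64.0.10", 5000)       # subscriber behind the CGN
    rendezvous = ("192.0.2.1", 3478)   # public server that reports the mapping
    peer = ("198.51.100.7", 6000)      # remote peer that is told the mapping
    seen_by_server = nat.map_outbound(host, rendezvous)
    seen_by_peer = nat.map_outbound(host, peer)
    return seen_by_server == seen_by_peer


if __name__ == "__main__":
    eim = ToyNat("203.0.113.5", endpoint_independent=True)
    dependent = ToyNat("203.0.113.5", endpoint_independent=False)
    print("EIM mapping reusable:", mapping_learned_is_reusable(eim))
    print("Address-and-port-dependent mapping reusable:",
          mapping_learned_is_reusable(dependent))
```

The model covers mapping only; filtering behaviour, timeouts and port exhaustion are left out.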

