NAT Behavioral Requirements for TCP draft-ietf-behave-tcp-02

1
NAT Behavioral Requirements for
TCPdraft-ietf-behave-tcp-02

• Presenter Philip Matthews
• Authors
• Saikat Guha (editor)
• Kaushik Biswas, Bryan Ford,
• Senthil Sivakumar, Pyda Srisuresh

2
Three main changes since -01

• All three changes as per consensus at Montreal
  meeting.
• Handling of unexpected inbound SYN packets
• Drop SYN packet, wait 6 seconds, then send ICMP
  Port Unreachable message in reply. However, dont
  send ICMP reply if outbound SYN for connection
  received within 6 seconds.
• Proposal was also reviewed in TCPM WG session.
• Removed mention of Port Preservation
• Used to say if hosts source port in range
  1-1023, then it is RECOMMENDED that the NATs
  source port be in the same range
• Only known beneficiaries of this were the
  R-services (rsh, rcp, rlogin, )
• Now, no mention of this at all.

3
Three Changes (cont.)

• Normatively cite BEHAVE-UDP doc
• Previous version was independent of UDP doc.
• Current version cites UDP doc, but summarizes key
  definitions for reader convenience.

4
Remaining Open Issue

• In which document should the following go?
• REQ-9 Receipt of any sort of ICMP message MUST
  NOT terminate the NAT mapping or TCP connection
  for which the ICMP was generated.
• Two views expressed on the mailing list
• 1. Anything that says ICMP should go into
  BEHAVE-ICMP, OR
• 2. ICMP Request/Response and how to translate
  ICMP messages should go into BEHAVE-ICMP.
  Anything transport protocol related should go
  into the transport document.
• draft-ietf-behave-nat-udp-08 and
  draft-ietf-behave-tcp-02 conform to 2 at the
  moment.