[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Tunnel-to-NAT scenario

To: Iljitsch van Beijnum <iljitsch@muada.com>
Subject: Re: Tunnel-to-NAT scenario
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
Date: Wed, 18 Jun 2008 10:18:08 +1200
Cc: IPv6 Operations <v6ops@ops.ietf.org>
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:organization:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; b=UwrUFl77eVmEI1G+BWKk31hSW7DcMJB7Fq+i6N2RdcQk8ZlyaPs/j+5Ue5fT2TA63X cGpyEcE3TxmS7xVK6hXpA52nYqc3E8+suh2R/k7+wolqSwpk7qWHJal28c0eJFqp7Tnj Rgd+Vm0j34OPuSaWO3aA0MGm8dm+OY5qtnP/w=
In-reply-to: <C17751DB-0506-49B2-93FD-812E41A8EDA9@muada.com>
Organization: University of Auckland
References: <4856F297.50608@gmail.com> <7446ED57-C2AF-40D2-A993-42E8F592F049@muada.com> <48583075.2020408@gmail.com> <C17751DB-0506-49B2-93FD-812E41A8EDA9@muada.com>
User-agent: Thunderbird 2.0.0.6 (Windows/20070728)

On 2008-06-18 10:02, Iljitsch van Beijnum wrote:
> On 17 jun 2008, at 23:45, Brian E Carpenter wrote:
> 
>>> The actual packet mangling should be simple
>>> enough, the problem is that the client can't express the IPv6
>>> destination in an IPv4 packet without modifications to the IPv4 client
>>> (and those modifications would be unlikely to work through middleboxes).
> 
>> That's why you go to a traditional v4-to-v4 NAT at the boundary.
>> No new mangling code is needed. From the v4 point of view this
>> is bog standard NAPT with configured port mapping.
> 
> So if you're an IPv4 client and I'm an IPv6 server with address
> 2001:db8:31::1, what do you put in the destination address of the IPv4
> packets you send to me?

The public address of the NAT to which you are tunneling. Of course,
that NAT has to be configured to forward port N through a tunnel
to whatever IPv4 address 2001:db8:31::1 has borrowed.

(draft-despres-v6ops-apbp-00.txt would automate the borrowing
process, if you don't want to configure it.)

This doesn't get rid of NAPT nastiness for supporting servers.
But if someone insists on running a server for IPv4 clients that
doesn't have its own public IPv4 address, that nastiness is
intrinsic. The question is what's the simplest way to deal
with it.

    Brian

References:
- Tunnel-to-NAT scenario
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- Re: Tunnel-to-NAT scenario
  - From: Iljitsch van Beijnum <iljitsch@muada.com>
- Re: Tunnel-to-NAT scenario
  - From: Brian E Carpenter <brian.e.carpenter@gmail.com>
- Re: Tunnel-to-NAT scenario
  - From: Iljitsch van Beijnum <iljitsch@muada.com>

Prev by Date: Re: Tunnel-to-NAT scenario
Next by Date: RE: I-D Action:draft-ietf-v6ops-nat64-pb-statement-req-00.txt
Previous by thread: Re: Tunnel-to-NAT scenario
Next by thread: Re: Tunnel-to-NAT scenario
Index(es):
- Date
- Thread