[Ietf-behave] IP options and NATs

"Dan Wing" <dwing@cisco.com> Wed, 02 August 2006 16:19 UTC

From: Dan Wing <dwing@cisco.com>
Date: Wed, 02 Aug 2006 09:19:44 -0700
Subject: [Ietf-behave] IP options and NATs
Message-ID: <0e2501c6b64f$76a7fc30$ef52150a@amer.cisco.com>
MIME-Version: 1.0
Content-Type: text/plain

While reviewing draft-pashalidis-nsis-gist-legacynats-00.txt, I noticed:

    >     The discussion in this document is based on the
    >     following assumptions.  
    >     ...
    >     6.  The legacy NAT does not drop IP packets with a
    >         Router Alert Option (RAO) or an IPv6 extensions
    >         header.  Furthermore, the RAO or extension header
    >         is also present in the forwarded packet.  If the
    >         NAT does not do this, then there is no way for a
    >         GIST QUERY to traverse the NAT, which is a
    >         prerequisite for the mechanisms described in this
    >         document.

I am wondering how today's NATs handle IP options.  I asked our engineering
teams and found that Cisco's IOS NAT preserves IP options across the NAT,
but our PIX and our ASA drop all IP options.  Testing will be necessary to
determine how various residential style NATs (Linksys, etc.) handle IP
options such as RAO.

Does anyone know what other NATs do with RAO?

-d

[Ietf-behave] IP options and NATs Dan Wing
RE: [Ietf-behave] IP options and NATs Dave Hudson
Re: [Ietf-behave] IP options and NATs Lars Eggert
[Ietf-behave] IP options and NATs Dan Wing