IETF Logo Mail Archive

[BEHAVE] Re: SCTP over NAT and hole-punching?

Bryan Ford <baford@MIT.EDU> Tue, 11 December 2007 00:19 UTC

Return-path: <behave-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1J1sqQ-0005Y0-QA; Mon, 10 Dec 2007 19:19:30 -0500
Received: from behave by megatron.ietf.org with local (Exim 4.43) id 1J1sqO-0005XV-V7 for behave-confirm+ok@megatron.ietf.org; Mon, 10 Dec 2007 19:19:28 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1J1sqO-0005XN-LQ for behave@ietf.org; Mon, 10 Dec 2007 19:19:28 -0500
Received: from biscayne-one-station.mit.edu ([18.7.7.80]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1J1sqO-0000YF-7P for behave@ietf.org; Mon, 10 Dec 2007 19:19:28 -0500
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.13.6/8.9.2) with ESMTP id lBB0JOwE006825; Mon, 10 Dec 2007 19:19:24 -0500 (EST)
Received: from [192.168.1.100] (pool-68-160-35-101.bos.east.verizon.net [68.160.35.101]) (authenticated bits=0) (User authenticated as baford@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id lBB0JHjh009722 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NOT); Mon, 10 Dec 2007 19:19:18 -0500 (EST)
Message-Id: <A696640F-D3A6-4CF4-B73A-D7195503A307@mit.edu>
From: Bryan Ford <baford@MIT.EDU>
To: Michael Tuexen <Michael.Tuexen@lurchi.franken.de>
In-Reply-To: <2CAB9B0C-5CD3-4B38-835E-769D05031E71@lurchi.franken.de>
Content-Type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Mime-Version: 1.0 (Apple Message framework v915)
Date: Mon, 10 Dec 2007 19:19:16 -0500
References: <7B55F180-CCEF-447E-97EB-A0F584E5B12C@mit.edu> <36050A33-B215-497D-9671-67F62DAEE45F@lurchi.franken.de> <54A85AEA-CEA3-49B6-AD48-3B848DD3D1BD@mit.edu> <2CAB9B0C-5CD3-4B38-835E-769D05031E71@lurchi.franken.de>
X-Mailer: Apple Mail (2.915)
X-Scanned-By: MIMEDefang 2.42
X-Spam-Flag: NO
X-Spam-Score: 0.00
Content-Transfer-Encoding: 7bit
X-Spam-Score: -4.0 (----)
X-Scan-Signature: fb6060cb60c0cea16e3f7219e40a0a81
Cc: IETF BEHAVE WG <behave@ietf.org>
Subject: [BEHAVE] Re: SCTP over NAT and hole-punching?
X-BeenThere: behave@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: mailing list of BEHAVE IETF WG <behave.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/behave>
List-Post: <mailto:behave@ietf.org>
List-Help: <mailto:behave-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/behave>, <mailto:behave-request@ietf.org?subject=subscribe>
Errors-To: behave-bounces@ietf.org

Ah - OK, that all sounds great; I wasn't aware of the INIT collision  
extension (i.e., didn't do my homework well enough I guess :) ).

Thanks!
Bryan

On Dec 10, 2007, at 12:16 PM, Michael Tuexen wrote:
> Hi Bryan,
>
> see my comments in-line.
>
> Best regards
> Michael
>
> On Dec 10, 2007, at 4:06 PM, Bryan Ford wrote:
>
>> Another, perhaps more substantial issue that occurred to me with  
>> draft-stewart-behave-sctpnat-03.txt is whether it's possible to  
>> provide any kind of peer-to-peer NAT traversal functionality -  
>> i.e., something analogous to UDP or TCP hole punching - with this  
>> approach, or will NATted SCTP always be strictly limited to client/ 
>> server communication?
> Yes, this will be possible. Both sides will send an INIT to the peer  
> (getting a hole in the NAT) and
> the simultaneous setup works. I'm not sure if we have already enough  
> description in the ID, but
> the next rev will have it.
>>
>>
>> The thing is, you seem to be effectively adding SCTP's VTAG to the  
>> "endpoint address tuple" used by SCTP to distinguish different  
>> streams - i.e., now it's "kinda, sorta" (IP, port, vtag) instead of  
>> just (IP, port).  At least for the possible multiple SCTP  
>> associations that might emerge from a NAT's single public IP  
>> address and the same internal port, and outbound to the same server  
>> address and port, the VTAG provides the only way to distinguish  
>> those streams.  But what if the server wants to be a rendezvous  
>> server of some kind and help clients establish a direct SCTP  
>> association somehow?  Will there need to be a way for one client to  
>> open an outbound SCTP connection to another client's public IP  
>> address and port, specifying explicitly the VTAG the other client  
>> is using to talk to the rendezvous server?  (Even without the "VTAG  
>> addressing" issue this would presumably need to be an extension to  
>> SCTP, since as far as I know SCTP has no simultanous open  
>> functionality like TCP does.)
> Yes, using this kind of rendezvous is possible. We have been asked  
> for it a couple of times
> after the presentation. It is possible, we just did not present it...
>
> And SCTP does support of the 'simultaneous open functionality', it  
> is called INIT collision in RFC 4960.
>>
>>
>> Which I guess brings up the higher-level issue, not yet addressed  
>> in "SCTP NAT Traversal Considerations" (draft-xie-behave-sctp-nat- 
>> cons-03), of whether a "NAT for SCTP" project should include peer- 
>> to-peer connectivity in its scope or stay strictly limited to  
>> client/server?
> No, it will be in the scope. And we will combine the two documents  
> in one.
> To be clear: It will be possible to setup a peer to peer association  
> if both ends know the
> addresses and ports used by the other. Both will start an  
> association and the INIT collision
> handling of SCTP we make sure the only one association is established.
>>
>>
>> Cheers,
>> Bryan
>>
>>
>



_______________________________________________
Behave mailing list
Behave@ietf.org
https://www1.ietf.org/mailman/listinfo/behave

v2.23.0 | Report a Bug | By Email