[BEHAVE] REQ-5, RFC5508

WashamFan <Washam.Fan@huaweisymantec.com> Fri, 05 February 2010 06:49 UTC

Hi,

The text says

   REQ-5: If a NAT device receives an ICMP Error packet from the private
          realm, and the NAT does not have an active mapping for the
          embedded payload, the NAT SHOULD silently drop the ICMP Error
          packet.  If the NAT has active mapping for the embedded
          payload, then the NAT MUST do the following prior to
          forwarding the packet, unless explicitly overridden by local
          policy:

          a) Revert the IP and transport headers of the embedded IP
             packet to their original form, using the matching mapping;
             and

          b) Leave the ICMP Error type and code unchanged; and

          c) If the NAT enforces Basic NAT function ([NAT-TRAD]), and
             the NAT has active mapping for the IP address that sent the
             ICMP Error, translate the source IP address of the ICMP
             Error packet with the public IP address in the mapping.  In   | 
             all other cases, translate the source IP address of the         |
             ICMP Error packet with its own public IP address.                |

I have a comment on the last sentence. 

Please note that NAPT can have an address pool as well. If the ICMP
Error message is generated by an intermediate node in the internal realm,
and NAPT has no corresponding active mapping for this node, the
last sentence applies in this case, but which one should be picked
for mapping if the NAPT has multiple external addresses?

Thanks,
washam
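
The REQ-5 steps quoted in the message above, modelled as an added example that is not part of the original message or of RFC 5508. The `Mapping` and `IcmpError` classes, the `req5` function and all addresses are hypothetical and constructed; where the quoted text gives no rule for choosing among pool addresses, the code reports the candidates instead of selecting one.

```python
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Mapping:                 # one active NAT mapping (constructed model)
    int_ip: str
    int_port: int
    ext_ip: str
    ext_port: int

@dataclass(frozen=True)
class IcmpError:               # ICMP Error arriving from the private realm
    src_ip: str                # internal node that generated the error
    icmp_type: int
    icmp_code: int
    emb_dst_ip: str            # embedded packet's destination as seen inside:
    emb_dst_port: int          # the translated (internal) endpoint

def req5(pkt, mappings, pool, basic_nat):
    """Return (action, packet, candidate source addresses)."""
    m = next((x for x in mappings
              if (x.int_ip, x.int_port) == (pkt.emb_dst_ip, pkt.emb_dst_port)), None)
    if m is None:
        return "drop", None, []            # no active mapping: silently drop
    # (a) revert the embedded headers; (b) type and code are left untouched
    out = replace(pkt, emb_dst_ip=m.ext_ip, emb_dst_port=m.ext_port)
    if basic_nat:                          # (c) first sentence
        s = next((x for x in mappings if x.int_ip == pkt.src_ip), None)
        if s is not None:
            return "forward", replace(out, src_ip=s.ext_ip), [s.ext_ip]
    if len(pool) == 1:                     # (c) last sentence, unambiguous
        return "forward", replace(out, src_ip=pool[0]), list(pool)
    # (c) last sentence with an address pool: the quoted text names no
    # selection rule, so report the candidates instead of guessing one
    return "undetermined", out, list(pool)

# Constructed sample data (documentation address ranges)
POOL = ["203.0.113.1", "203.0.113.2"]
MAPPINGS = [Mapping("10.0.0.5", 5000, "203.0.113.2", 40000)]
FROM_HOST = IcmpError("10.0.0.5", 3, 3, "10.0.0.5", 5000)
FROM_ROUTER = IcmpError("10.0.0.254", 3, 1, "10.0.0.5", 5000)
NO_MAPPING = IcmpError("10.0.0.9", 3, 3, "10.0.0.9", 6000)

if __name__ == "__main__":
    for p in (FROM_HOST, FROM_ROUTER, NO_MAPPING):
        print(req5(p, MAPPINGS, POOL, basic_nat=False))
```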