NAT behavior for IP ID field
John Kristoff <jtk@cymru.com> Tue, 31 August 2010 20:04 UTC
Return-Path: <jtk@cymru.com>
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 10AE43A6AC0 for <ietf@core3.amsl.com>; Tue, 31 Aug 2010 13:04:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.827
X-Spam-Level:
X-Spam-Status: No, score=-1.827 tagged_above=-999 required=5 tests=[AWL=0.772, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id s9LRG5aE7hCL for <ietf@core3.amsl.com>; Tue, 31 Aug 2010 13:04:15 -0700 (PDT)
Received: from obelisk11.ord01.cymru.com (obelisk11.ord01.cymru.com [38.229.66.8]) by core3.amsl.com (Postfix) with ESMTP id 319523A6ABE for <ietf@ietf.org>; Tue, 31 Aug 2010 13:04:15 -0700 (PDT)
Received: from t61p (vpn-21-35.svcs.iad01.cymru.com [192.168.21.35]) by obelisk11.ord01.cymru.com (Postfix) with ESMTP id D2027B00B6 for <ietf@ietf.org>; Tue, 31 Aug 2010 20:04:45 +0000 (GMT)
Date: Tue, 31 Aug 2010 15:04:44 -0500
From: John Kristoff <jtk@cymru.com>
To: ietf@ietf.org
Subject: NAT behavior for IP ID field
Message-ID: <20100831150444.22bd579e@t61p>
X-Mailer: Claws Mail
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Aug 2010 20:04:16 -0000
I'm trying to locate an RFC that spells out the behavioral requirements, expectations or guidelines for NAT handling of the IP ID field, particularly for UDP messages. Section 3.2.5 in RFC 3235 briefly mentions issues surrounding IP fragmentation and reassembly, but it doesn't specifically say if NATs should re-write IDs as a general rule. RFC 4787 doesn't seem to address this either. If this is not written down anywhere, do NATs generally rewrite the ID field with or without the MF bit set? For background and reference, I refer you to Steve Bellovin's 'A Technique for Counting NATted Hosts', particularly section IV. Thanks for any pointers, John
- NAT behavior for IP ID field John Kristoff
- Re: NAT behavior for IP ID field Iljitsch van Beijnum
- Re: NAT behavior for IP ID field t.petch
- Re: NAT behavior for IP ID field Iljitsch van Beijnum
- Re: NAT behavior for IP ID field Fernando Gont
- Re: NAT behavior for IP ID field Stephen Kent
- Re: NAT behavior for IP ID field Joe Touch