RE: [midcom] Port preservation

"Christopher A. Martin" <chris@sip1.com> Tue, 27 April 2004 05:19 UTC

Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA20569 for <midcom-archive@odin.ietf.org>; Tue, 27 Apr 2004 01:19:22 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BIKw4-0007Jk-Ex for midcom-archive@odin.ietf.org; Tue, 27 Apr 2004 01:15:12 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i3R5FCTI028124 for midcom-archive@odin.ietf.org; Tue, 27 Apr 2004 01:15:12 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BIKoC-0005fi-QI; Tue, 27 Apr 2004 01:07:04 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BIKjq-0004nR-Rh for midcom@optimus.ietf.org; Tue, 27 Apr 2004 01:02:34 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id BAA19779 for <midcom@ietf.org>; Tue, 27 Apr 2004 01:02:32 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BIKjn-00074m-Sy for midcom@ietf.org; Tue, 27 Apr 2004 01:02:31 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BIKit-0006xX-00 for midcom@ietf.org; Tue, 27 Apr 2004 01:01:36 -0400
Received: from adsl-64-219-190-5.dsl.rcsntx.swbell.net ([64.219.190.5] helo=voyager.sip1.com) by ietf-mx with esmtp (Exim 4.12) id 1BIKi9-0006j8-00 for midcom@ietf.org; Tue, 27 Apr 2004 01:00:50 -0400
Received: from HOME2 (adsl-64-219-190-1.dsl.rcsntx.swbell.net [64.219.190.1]) by voyager.sip1.com (8.12.8/8.12.8) with ESMTP id i3R663w9008333; Tue, 27 Apr 2004 01:06:03 -0500
Reply-To: Chris@sip1.com
From: "Christopher A. Martin" <chris@sip1.com>
To: 'Jonathan Rosenberg' <jdrosen@dynamicsoft.com>
Cc: 'Cullen Jennings' <fluffy@cisco.com>, 'Yutaka Takeda' <takeday@pcrla.com>, 'Midcom' <midcom@ietf.org>, stun@www.vovida.org
Subject: RE: [midcom] Port preservation
Date: Tue, 27 Apr 2004 00:00:05 -0500
Organization: SIP1 Information Services
Message-ID: <000e01c42c14$81eedea0$6402a8c0@HOME2>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
In-Reply-To: <408DE4FD.1090209@dynamicsoft.com>
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.1 required=5.0 tests=AWL autolearn=no version=2.60
Sender: midcom-admin@ietf.org
Errors-To: midcom-admin@ietf.org
X-BeenThere: midcom@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=unsubscribe>
List-Id: <midcom.ietf.org>
List-Post: <mailto:midcom@ietf.org>
List-Help: <mailto:midcom-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=subscribe>

Jonathan,
This was merely an example. 

For clarity, common server ports in this example would be HTTP, SMTP,
FTP, etc. This is a common enterprise deployment use for static
translations that I was describing earlier.

Most developers of well behaved protocols will implement the capability
to listen on the same port they send on, or provide the capability to
configure this. Firewall/NAT vendors typically provide the capability to
configure the static IP/PORT NAT translations for these types of
services, which is why I used this as a possible reason, to answer the
question raised below.

The use described is in no way definitive, but it does provide a
practical use scenario that you will see quite often in the real world.

The capability to perform this type of configuration is essential to
providing secure access policies, a feature that I wish VoIP and other
peer-to-peer protocol developers would have modeled (Some do, but the
standard doesn't require this, which doesn't help security). 

Chris

-----Original Message-----
From: Jonathan Rosenberg [mailto:jdrosen@dynamicsoft.com] 
Sent: Monday, April 26, 2004 11:44 PM
To: Chris@sip1.com
Cc: 'Cullen Jennings'; 'Yutaka Takeda'; 'Midcom'; stun@www.vovida.org
Subject: Re: [midcom] Port preservation



Christopher A. Martin wrote:

> Hi all,
> The only reason that I can think of, that may be a good reason, is to
> provide the appearance that a client is communicating directly with a
> server on a standard server port (for that professional, I'm a big
> organization look and feel). Some applications do check for this for
> paranoid security reasons, but they are less common.

For what application does the protocol expect the SOURCE port to be a 
standard server port? None that I can think of.

-Jonathan R.

-- 
Jonathan D. Rosenberg, Ph.D.                600 Lanidex Plaza
Chief Technology Officer                    Parsippany, NJ 07054-2711
dynamicsoft
jdrosen@dynamicsoft.com                     FAX:   (973) 952-5050
http://www.jdrosen.net                      PHONE: (973) 952-5000
http://www.dynamicsoft.com


_______________________________________________
midcom mailing list
midcom@ietf.org
https://www1.ietf.org/mailman/listinfo/midcom
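The two NAT behaviours the message above contrasts (a configured static IP/port translation for a server such as SMTP, and port preservation for dynamic bindings) can be modelled in a few lines. The code below is an added example and is not code from the midcom thread, from STUN, or from any NAT vendor; the Nat class, its dynamic pool starting at 49152, the 203.0.113.1 and 10.0.0.x addresses and the sample flows are all constructed for illustration. It shows the point a practitioner cares about: port preservation only holds while the port is free outside, so the second internal host that picks the same source port gets rewritten anyway, and any policy keyed on the external source port sees different results for the two hosts.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)


@dataclass
class Nat:
    """Toy NAT: static translations plus a dynamic binding table (constructed model)."""
    external_ip: str
    port_preservation: bool = True
    # static translations: external port -> internal (ip, port); the
    # "configure the static IP/PORT NAT translations" case from the mail
    static: Dict[int, Endpoint] = field(default_factory=dict)
    # dynamic bindings: internal (ip, port) -> external port
    bindings: Dict[Endpoint, int] = field(default_factory=dict)
    next_dyn: int = 49152  # hypothetical start of the dynamic port pool

    def _ports_in_use(self):
        return set(self.static) | set(self.bindings.values())

    def _allocate(self, internal: Endpoint) -> int:
        used = self._ports_in_use()
        _, port = internal
        if self.port_preservation and port not in used:
            return port  # preserved: same port outside as inside
        # fallback (also the non-preserving path): next free dynamic port
        p = self.next_dyn
        while p in used:
            p += 1
        self.next_dyn = p + 1
        return p

    def outbound(self, src: Endpoint) -> Endpoint:
        """Translate an outbound packet's source; returns the external (ip, port)."""
        for ext_port, internal in self.static.items():
            if internal == src:  # static entries always win
                return (self.external_ip, ext_port)
        if src not in self.bindings:
            self.bindings[src] = self._allocate(src)
        return (self.external_ip, self.bindings[src])

    def inbound(self, dst_port: int) -> Optional[Endpoint]:
        """Where a packet arriving at external dst_port is forwarded, or None (dropped)."""
        if dst_port in self.static:
            return self.static[dst_port]
        for internal, ext in self.bindings.items():
            if ext == dst_port:
                return internal
        return None


def source_port_policy_allows(ext: Endpoint, expected_port: int) -> bool:
    """A remote policy that admits traffic only from a given source port (the kind
    of check the thread debates).  Constructed for the demo."""
    return ext[1] == expected_port


def demo(port_preservation: bool) -> dict:
    # Sample topology (constructed): SMTP server behind a static translation,
    # two SIP hosts that both send from 5060 and expect replies on 5060.
    nat = Nat("203.0.113.1", port_preservation=port_preservation,
              static={25: ("10.0.0.5", 25)})
    r = {}
    r["smtp_out"] = nat.outbound(("10.0.0.5", 25))  # static: external port 25
    r["smtp_in"] = nat.inbound(25)                  # forwarded to 10.0.0.5:25
    r["host_a"] = nat.outbound(("10.0.0.10", 5060))
    r["host_b"] = nat.outbound(("10.0.0.11", 5060))  # same source port: collision
    r["host_a_in"] = nat.inbound(r["host_a"][1])     # reply path back to host A
    r["policy_a"] = source_port_policy_allows(r["host_a"], 5060)
    r["policy_b"] = source_port_policy_allows(r["host_b"], 5060)
    return r


if __name__ == "__main__":
    for flag in (True, False):
        print("port_preservation =", flag)
        for k, v in demo(flag).items():
            print("  ", k, "=", v)
```

With preservation on, host A keeps 5060 outside but host B is moved to 49152, so the source-port policy admits A and rejects B; with preservation off, both hosts get pool ports and the policy rejects both. The static SMTP entry behaves the same either way, which is why a configured translation, not preservation, is what makes a source-port-based policy dependable.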