IETF Logo Mail Archive

RE: [midcom] Port preservation

"Christopher A. Martin" <chris@sip1.com> Mon, 26 April 2004 21:29 UTC

Received: from optimus.ietf.org (optimus.ietf.org [132.151.1.19]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id RAA25149 for <midcom-archive@odin.ietf.org>; Mon, 26 Apr 2004 17:29:17 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BIDWX-0007tM-FN for midcom-archive@odin.ietf.org; Mon, 26 Apr 2004 17:20:22 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id i3QLKLQM030330 for midcom-archive@odin.ietf.org; Mon, 26 Apr 2004 17:20:21 -0400
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BIDDD-0002zW-Kz; Mon, 26 Apr 2004 17:00:23 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 1BID5k-0008Er-Lh for midcom@optimus.ietf.org; Mon, 26 Apr 2004 16:52:40 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id QAA20065 for <midcom@ietf.org>; Mon, 26 Apr 2004 16:52:37 -0400 (EDT)
Received: from ietf-mx.ietf.org ([132.151.6.1] helo=ietf-mx) by ietf-mx with esmtp (Exim 4.32) id 1BID5i-0001EE-KR for midcom@ietf.org; Mon, 26 Apr 2004 16:52:38 -0400
Received: from exim by ietf-mx with spam-scanned (Exim 4.12) id 1BICvL-0006wc-00 for midcom@ietf.org; Mon, 26 Apr 2004 16:41:56 -0400
Received: from adsl-64-219-190-5.dsl.rcsntx.swbell.net ([64.219.190.5] helo=voyager.sip1.com) by ietf-mx with esmtp (Exim 4.12) id 1BICj9-0004rz-00 for midcom@ietf.org; Mon, 26 Apr 2004 16:29:20 -0400
Received: from HOME2 (adsl-64-219-190-1.dsl.rcsntx.swbell.net [64.219.190.1]) by voyager.sip1.com (8.12.8/8.12.8) with ESMTP id i3QLYbw9007420; Mon, 26 Apr 2004 16:34:37 -0500
Reply-To: Chris@sip1.com
From: "Christopher A. Martin" <chris@sip1.com>
To: 'Cullen Jennings' <fluffy@cisco.com>, 'Yutaka Takeda' <takeday@pcrla.com>, 'Midcom' <midcom@ietf.org>, stun@www.vovida.org
Subject: RE: [midcom] Port preservation
Date: Mon, 26 Apr 2004 15:28:42 -0500
Organization: SIP1 Information Services
Message-ID: <008501c42bcd$11c94670$6402a8c0@HOME2>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook, Build 10.0.3416
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409
In-Reply-To: <BCB297DA.3AC8F%fluffy@cisco.com>
Importance: Normal
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on ietf-mx.ietf.org
X-Spam-Status: No, hits=0.1 required=5.0 tests=AWL autolearn=no version=2.60
Content-Transfer-Encoding: 7bit
Sender: midcom-admin@ietf.org
Errors-To: midcom-admin@ietf.org
X-BeenThere: midcom@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=unsubscribe>
List-Id: <midcom.ietf.org>
List-Post: <mailto:midcom@ietf.org>
List-Help: <mailto:midcom-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/midcom>, <mailto:midcom-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit

Hi all,
The only reason that I can think of, that may be a good reason, is to
provide the appearance that a client is communicating directly with a
server on a standard server port (for that professional, I'm a big
organization look and feel). Some applications do check for this for
paranoid security reasons, but they are less common.

We typically call this a static port translation, irregardless of
vendor, and it can be configured on many of the popular enterprise class
firewalls.

The other common type of configuration used for the same reason would be
a static IP NAT translation, which provides the server with a whole
range of ports that it can be listening on.

Chris

-----Original Message-----
From: midcom-admin@ietf.org [mailto:midcom-admin@ietf.org] On Behalf Of
Cullen Jennings
Sent: Monday, April 26, 2004 3:42 PM
To: Yutaka Takeda; Midcom; stun@www.vovida.org
Subject: Re: [midcom] Port preservation


There may be many but the two reasons I have heard are below - neither
of
which make much sense to me.

Makes debugging easier by not switching the port traffic is on. This
allows
network sniffers and such guess the type of traffic from the port.
(Personally I find this argument a little hard to buy given it is the
source
port that is being preserved and using ports for traffic type
determination
is usually based on the destination port)

Higher odds of interoperability for protocols. The argument goes that A
sends though a NAT to B. B may reply expecting to go to a certain port
number so if that does not change life will be better. I suspect that
most
applications that reply to the correct IP, are likely to also reply to
port
the packet came from but who knows.

The most common answer I get to this questions and the one that seems
most
believable ... "Because vendor X's NAT worked that way so we made ours
do
the same"

I don't know - it is a good questions. Can others provide any insight
into
this?



On 4/23/04 11:19 AM, "Yutaka Takeda" <takeday@pcrla.com> wrote:

> 
> Does anyone know what the real motivation for NAT designers to
> implement the port preservation[1] is? Is there an actual service
> or application that depends on this behavior? I just realized that
> I know such NATs exist but why...
> 
> [1] 
>
http://www.ietf.org/internet-drafts/draft-jennings-midcom-stun-results-0
0.txt
> 
> Yutaka
> 
> _______________________________________________
> midcom mailing list
> midcom@ietf.org
> https://www1.ietf.org/mailman/listinfo/midcom
> 


_______________________________________________
midcom mailing list
midcom@ietf.org
https://www1.ietf.org/mailman/listinfo/midcom


_______________________________________________
midcom mailing list
midcom@ietf.org
https://www1.ietf.org/mailman/listinfo/midcom

v2.23.0 | Report a Bug | By Email