[pcp] Reply: A question: How can an internal client get the external IP and port of the inner NAT

Chenguohai <chenguohai@huawei.com> Wed, 28 October 2015 00:53 UTC

From: Chenguohai <chenguohai@huawei.com>
To: Dan Wing <dwing@cisco.com>
Date: Wed, 28 Oct 2015 00:53:25 +0000
Archived-At: <http://mailarchive.ietf.org/arch/msg/pcp/jvagx49TZFmOt8ZrIN-_aXulRkQ>
Cc: ChenGuohai <chenguohai67@outlook.com>, "pcp@ietf.org" <pcp@ietf.org>
Subject: [pcp] Reply: A question: How can an internal client get the external IP and port of the inner NAT

Hi Dan,
There are several examples in the draft https://tools.ietf.org/html/draft-penno-pcp-nested-nat-03.

BR
G.Robert  Chen

From: Dan Wing [mailto:dwing@cisco.com]
Sent: 28 October 2015 0:13
To: Chenguohai
Cc: Mohamed Boucadair; ChenGuohai; pcp@ietf.org
Subject: Re: [pcp] A question: How can an internal client get the external IP and port of the inner NAT


On 27-Oct-2015 02:19 am, Chenguohai <chenguohai@huawei.com> wrote:


Hi Med,

Thanks for providing these links.
Your draft provides many methods valuable for rolling PCP out because many deployed NATs are PCP-unaware. How have these options progressed? I did not find these options in other material.

Can you draw a network diagram, showing the clients, showing PCP- and PCP-unaware NATs, and showing the Internet?

-d




I also found a valuable method for terminating recursion in https://tools.ietf.org/html/rfc7648#section-3.2.

BR
G.Robert  Chen
-------------------------------------------------------------------------------------------------------------------------------------
G.Robert  Chen (Chen Guohai  陈国海). Network Research Department, Huawei Technologies Co., Ltd. Telephone: 0086-25-56624606;   http://www.huawei.com
-------------------------------------------------------------------------------------------------------------------------------------
This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the  information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it!
----------------------------------------------------------------------------------------------------------------------------------------

From: mohamed.boucadair@orange.com [mailto:mohamed.boucadair@orange.com]
Sent: 27 October 2015 15:19
To: Chenguohai; Dan Wing; ChenGuohai
Cc: pcp@ietf.org
Subject: RE: [pcp] A question: How can an internal client get the external IP and port of the inner NAT

Hi Chen,

FWIW, you may read this document: https://tools.ietf.org/html/draft-penno-pcp-nested-nat-03. The content is not that “fresh”, but it discusses some sample configurations (PCP-unaware NAT, PCP-aware NAT, etc.)

In case all your NATs are PCP-aware, you may read https://tools.ietf.org/html/rfc7648#section-1.1. The recursion can be terminated as detailed in: https://tools.ietf.org/html/rfc7648#section-3.2.

Cheers,
Med

From: pcp [mailto:pcp-bounces@ietf.org] On Behalf Of Chenguohai
Sent: Monday, 26 October 2015 02:55
To: Dan Wing; ChenGuohai
Cc: pcp@ietf.org
Subject: Re: [pcp] A question: How can an internal client get the external IP and port of the inner NAT



Hi Dan,

Thanks again.
What is the workflow in nested NATs for an internal host?
1: the client must judge how many NATs there are in the path, and their order;
2: negotiate with the first PCP server (in the most nested NAT) for the external IP and port;
3: use the negotiated IP and port with the second PCP server;
4: do steps 2 and 3 until communicating with the most external PCP server.

Does this make sense?

BR
G.Robert  Chen
-------------------------------------------------------------------------------------------------------------------------------------

From: Dan Wing [mailto:dwing@cisco.com]
Sent: 24 October 2015 23:54
To: ChenGuohai
Cc: Chenguohai; pcp@ietf.org
Subject: Re: [pcp] A question: How can an internal client get the external IP and port of the inner NAT


On 23-Oct-2015 06:04 pm, ChenGuohai <chenguohai67@outlook.com> wrote:
Hi Dan,

Many thanks for your explanation.

Inner NATs mostly used in residences, with external NATs being CGNs, is the most common nested NAT case.

Using PCP means that the CPE (inner NAT) must embed a PCP server. The PCP client should communicate with two PCP servers.

Right.


Using STUN means a STUN server needs to be deployed between the inner NAT and the external NAT. Shall this be common?

Not that I have seen.

-d



Manual configuration is very costly.


BR
G.Robert  Chen

________________________________
Subject: Re: [pcp] A question: How can an internal client get the external IP and port of the inner NAT
From: dwing@cisco.com
Date: Fri, 23 Oct 2015 10:44:15 -0700
CC: pcp@ietf.org; chenguohai67@outlook.com
To: chenguohai@huawei.com

On 22-Oct-2015 08:24 pm, Chenguohai <chenguohai@huawei.com> wrote:


Hi all,
I am new to PCP and am reading RFC 6887. I have a question about section 8.1. The upper part of page 22 says the following:
   the PCP-controlled NAT creating pointless non-functional mappings.
   When such an intervening non-PCP-aware inner NAT is detected,
   mappings must first be created by some other means in the inner NAT,
   before mappings can be usefully created in the outer PCP-controlled
   NAT.  Having created mappings in the inner NAT by some other means,
   the PCP client should then use the inner NAT’s external address as
   the client IP address, to signal to the outer PCP-controlled NAT that
   the client is aware of the inner NAT, and has taken steps to create
   mappings in it by some other means, so that mappings created in the
   outer NAT will not be a pointless waste of resources.

My question is how an internal client could get the external IP and port of the inner NAT.

PCP, UPnP IGD, STUN, manual configuration.

Should there be a server between the inner NAT and the external one? How could it be assured that the inner NAT does not change the external port?

Hopefully whatever mechanism the client used (PCP, UPnP IGD, STUN, manual configuration) would tell the client of such a change.

-d




BR
G.Robert  Chen



_______________________________________________
pcp mailing list
pcp@ietf.org
https://www.ietf.org/mailman/listinfo/pcp
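
Added example, not part of the original thread and not code from the RFC authors: a sketch of the RFC 6887 MAP request layout and of the address comparison the outer PCP-controlled NAT performs, showing why the client must put the inner NAT's external address in the request header. The addresses, ports and function names are constructed for illustration.

```python
import ipaddress
import os
import struct

PCP_VERSION, OPCODE_MAP = 2, 1
SUCCESS, ADDRESS_MISMATCH = 0, 12          # RFC 6887 result codes

def addr16(ip):
    """16-byte PCP address field; IPv4 is sent as IPv4-mapped IPv6."""
    a = ipaddress.ip_address(ip)
    if a.version == 4:
        a = ipaddress.IPv6Address("::ffff:" + str(a))
    return a.packed

def build_map_request(client_ip, internal_port, protocol=6, lifetime=3600):
    """60-byte MAP request: 24-byte common header + 36-byte MAP payload."""
    header = struct.pack("!BBHI", PCP_VERSION, OPCODE_MAP, 0, lifetime)
    header += addr16(client_ip)            # PCP Client's IP Address
    payload = os.urandom(12)               # mapping nonce
    payload += struct.pack("!B3xHH", protocol, internal_port, 0)
    payload += addr16("0.0.0.0")           # no suggested external address
    return header + payload

def outer_server_check(packet, observed_src_ip):
    """The outer PCP server compares the header address with the packet source."""
    if len(packet) < 60 or packet[0] != PCP_VERSION:
        raise ValueError("not a PCP version 2 MAP request")
    claimed = packet[8:24]
    return SUCCESS if claimed == addr16(observed_src_ip) else ADDRESS_MISMATCH

# Constructed topology: host -> inner NAT (no PCP) -> outer PCP-controlled NAT.
HOST_IP = "192.168.1.10"
INNER_NAT_EXTERNAL_IP, INNER_NAT_EXTERNAL_PORT = "100.64.0.5", 40001

def demo():
    # The inner NAT rewrites the source, so the outer server sees 100.64.0.5.
    naive = build_map_request(HOST_IP, 8080)
    aware = build_map_request(INNER_NAT_EXTERNAL_IP, INNER_NAT_EXTERNAL_PORT)
    return (outer_server_check(naive, INNER_NAT_EXTERNAL_IP),
            outer_server_check(aware, INNER_NAT_EXTERNAL_IP))

if __name__ == "__main__":
    print(demo())
```

The first request, carrying the host's private address, is rejected with ADDRESS_MISMATCH; the second passes only because the client learned the inner NAT's external address and port by one of the other means named in the thread (PCP, UPnP IGD, STUN, manual configuration).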