nanog mailing list archives
Re: IPv6 /64 links (was Re: ipv6 book recommendations?)
From: Masataka Ohta <mohta () necom830 hpcl titech ac jp>
Date: Wed, 13 Jun 2012 14:47:35 +0900
Dave Hart wrote:
It is not transparent when you have to negotiate an inbound path for each service.
I mean, for applications, global address and global port numbers are visible.
UPnP is inadequate for carrier NAT due to its model assuming the NAT trusts its clients.
UPnP gateway configured with purely static port mapping needs no security. Assuming shared global address of 131.112.32.132, TCP/UDP port 100 to 199 may be forwarded to port 100 to 199 of 192.168.1.1, port 200 to 299 be forwarded to port 200 to 299 of 192.168.1.2, ...
When TCP headers are being rewritten, it's a strong hint that transparency has been lost, even if some communication remains possible.
UPnP provides information for clients to restore IP and TCP headers from local ones back to global ones, which is visible to applications. See the following protocol stack. UPnP capable NAT GW Client +---------+ | public | | appli- | | cation | information +---------+ +------+ for reverse translation | public | | UPnP |-------------------------->|transport| +---------+---------+ +---------+ | public | private | | private | |transport|transport| |transport| +---------+---------+ +---------+ +---------+ | public | private | | private | | private | | IP | IP | | IP | | IP | +---------+-----------------------+-----------------------+ | privatte datalink | private datalink | +-----------------------+-----------------------+ Masataka Ohta
Current thread:
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?), (continued)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Karl Auer (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 12)
- RE: IPv6 /64 links (was Re: ipv6 book recommendations?) Tony Hain (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 12)
- RE: IPv6 /64 links (was Re: ipv6 book recommendations?) Tony Hain (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Owen DeLong (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Dave Hart (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 12)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Owen DeLong (Jun 13)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 19)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Karl Auer (Jun 19)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 19)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) valdis . kletnieks (Jun 13)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 19)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) valdis . kletnieks (Jun 19)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 20)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Dave Hart (Jun 20)
- Re: IPv6 /64 links (was Re: ipv6 book recommendations?) Masataka Ohta (Jun 20)