Home
Reading
Searching
Subscribe
Sponsors
Statistics
Posting
Contact
Spam
Lists
Links
About
Hosting
Filtering
Features Download
Marketing
Archives
FAQ
Blog
 
Gmane
From: Dan Wing <dwing <at> cisco.com>
Subject: [pcp] discuss: open ICMP as side-effect
Newsgroups: gmane.ietf.nat.behave
Date: Tuesday 7th December 2010 19:35:52 UTC (over 6 years ago)
(Sorry, resending this one because I neglected to CC the BEHAVE working
group.  Please direct replies to [email protected])

This is one of the PCP discussion points.

This question is CC'd to BEHAVE, as it was suggested BEHAVE should
provide input on this question.

The question is simple:  when PCP is used to open a UDP/TCP port,
should the NAT, as a side effect:

  (a) also allow ICMP messages associated with that UDP/TCP
      flow.  For example, allow ICMP packet-too-big messages
      associated with that flow.
or
  (b) not allow ICMP messages associated with that UDP/TCP
      flow.  This means PCP (the protocol) and the PCP
      client would need to explicitly permit ICMP messages
      associated with the UDP/TCP flow, if the PCP client
      wants those associated ICMP messages.

I read over BEHAVE's " NAT Behavioral Requirements for ICMP", RFC5508,
and it does not say that ICMP messages should be allowed as a 
side effect of a UDP or TCP flow.

It is my *personal* understanding that 
  (a) BEHAVE expects that a TCP/UDP flow would allow 
      the associated ICMP messages to be NATed.
and 
  (b) Based on (a), I feel PCP should mimic that behavior,
      and should allow the associated ICMP messages as
      a side-effect of opening a TCP/UDP flow.

-d


_______________________________________________
pcp mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/pcp
 
CD: 3ms