Browse Prior Art Database

Protocol Complications with the IP Network Address Translator (RFC3027)

IP.com Disclosure Number: IPCOM000005219D
Original Publication Date: 2001-Jan-01
Included in the Prior Art Database: 2001-Aug-17
Document File: 21 page(s) / 49K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Holdrege: AUTHOR [+2]

Abstract

Many internet applications can be adversely affected when end nodes are not in the same address realm and seek the assistance of an IP Network Address Translator (NAT) enroute to bridge the realms. The NAT device alone cannot provide the necessary application/protocol transparency in all cases and seeks the assistance of Application Level Gateways (ALGs) where possible, to provide transparency. The purpose of this document is to identify the protocols and applications that break with NAT enroute. The document also attempts to identify any known workarounds. It is not possible to capture all applications that break with NAT in a single document. This document attempts to capture as much information as possible, but is by no means a comprehensive coverage. We hope the coverage provides sufficient clues for applications not covered.

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group M. Holdrege Request for Comments: 3027 ipVerse Category: Informational P. Srisuresh Jasmine Networks

January 2001

Protocol Complications with the IP Network Address Translator

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2001). All Rights Reserved.

Abstract

Many internet applications can be adversely affected when end nodes are not in the same address realm and seek the assistance of an IP Network Address Translator (NAT) enroute to bridge the realms. The NAT device alone cannot provide the necessary application/protocol transparency in all cases and seeks the assistance of Application Level Gateways (ALGs) where possible, to provide transparency. The purpose of this document is to identify the protocols and applications that break with NAT enroute. The document also attempts to identify any known workarounds. It is not possible to capture all applications that break with NAT in a single document. This document attempts to capture as much information as possible, but is by no means a comprehensive coverage. We hope the coverage provides sufficient clues for applications not covered.

Table of Contents

1.0 Introduction .............................................. 2 2.0 Common Characteristics of Protocols broken by NAT ......... 2 3.0 Protocols that cannot work with NAT enroute ............... 4 4.0 Protocols that can work with the aid of an ALG ............ 8 5.0 Protocols designed explicitly to work with NAT enroute .... 16 6.0 Acknowledgements .......................................... 17 7.0 Security Considerations ................................... 17 8.0 References ................................................ 17 9.0 Authors' Addresses ........................................ 19 10.0 Full Copyright Statement ................................ 20

Holdrege Srisuresh Informational [Page 1]

RFC 3027 Protocol Complications with NAT January 2001

1.0 Introduction

This document requires the reader to be familiar with the terminology and function of NAT devices as described in [NAT-TERM]. In a nutshell, NAT attempts to provide a transparent routing solution to end hosts requiring communication to disparate address realms. NAT modifies end node addresses (within the IP header of a packet) en- route and maintains state for these updates so that datagrams pertaining to a session are transparently routed to the right end- node in either realm. Where possible, application specific ALGs may be used in conjunction with NAT to provide application level transparency. Unlike NAT, the function of ALG is application specific and would likely require examination and recomposition of IP payload.

The following sections attempt to list applications that are known to have been impacted by NAT devices enroute. However, this is by no means a comprehensive list of all known protocols...