NAT Behavioral Requirements for TCP draft-ietf-behave-tcp-02

1. NAT Behavioral Requirements for TCPdraft-ietf-behave-tcp-02 Presenter: Philip Matthews Authors: Saikat Guha (editor) Kaushik Biswas, Bryan Ford, Senthil Sivakumar, Pyda Srisuresh

2. Three main changes since -01 All three changes as per consensus at Montreal meeting. • Handling of unexpected inbound SYN packets • Drop SYN packet, wait 6 seconds, then send ICMP Port Unreachable message in reply. However, don’t send ICMP reply if outbound SYN for connection received within 6 seconds. • Proposal was also reviewed in TCPM WG session. • Removed mention of Port Preservation • Used to say ““if host’s source port in range 1-1023, then it is RECOMMENDED that the NAT’s source port be in the same range” • Only known beneficiaries of this were the R-services (rsh, rcp, rlogin, …) • Now, no mention of this at all.

3. Three Changes (cont.) • Normatively cite BEHAVE-UDP doc • Previous version was independent of UDP doc. • Current version cites UDP doc, but summarizes key definitions for reader convenience.

4. Remaining Open Issue • In which document should the following go? • REQ-9: Receipt of any sort of ICMP message MUST NOT terminate the NAT mapping or TCP connection for which the ICMP was generated. Two views expressed on the mailing list: 1. Anything that says ICMP should go into BEHAVE-ICMP, OR 2. ICMP Request/Response and how to translate ICMP messages should go into BEHAVE-ICMP. Anything transport protocol related should go into the transport document. draft-ietf-behave-nat-udp-08 and draft-ietf-behave-tcp-02 conform to #2 at the moment.