Hi James,
On Mar 23, 2009, at 5:56 PM, james woodyatt wrote:
On Mar 23, 2009, at 14:39, Fred Baker wrote:
The more appropriate case, called for in RFC 4787, might be to
recognize that this is about to happen and instead of changing the
source address, change the destination address. This results in the
target seeing a datagram from/to the ULA. One direction goes
through the DMZ, but the replies are direct.
That can work for UDP, in those applications that don't care so much
about source and destination addresses for matching session
endpoints, but it doesn't work for connection-oriented transports,
e.g. TCP, SCTP, DCCP, etc. For those transports, hairpinning
requires the NAT to translate both the source and destination
addresses.
Your right. Translation of both addresses is needed, effectively
translating in both the outbound and inbound directions, so that the
return packets will go back through a NAT66 box to be translated back
again.
Margaret
_______________________________________________
nat66 mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/nat66
