Unintended Consequences of NAT Deployments with Overlapping Address Space
draft-ford-behave-top-07

Document history

Date Rev. By Action
2009-09-15
07 (System) IANA Action state changed to No IC from In Progress
2009-09-15
07 (System) IANA Action state changed to In Progress
2009-09-14
07 Cindy Morgan State Changes to RFC Ed Queue from Approved-announcement sent by Cindy Morgan
2009-09-14
07 Amy Vezza IESG state changed to Approved-announcement sent
2009-09-14
07 Amy Vezza IESG has approved the document
2009-09-14
07 Amy Vezza Closed "Approve" ballot
2009-09-11
07 (System) Removed from agenda for telechat - 2009-09-10
2009-09-10
07 Cindy Morgan State Changes to Approved-announcement to be sent from IESG Evaluation::AD Followup by Cindy Morgan
2009-09-10
07 Jari Arkko [Ballot Position Update] New position, No Objection, has been recorded by Jari Arkko
2009-09-09
07 Cullen Jennings [Ballot comment]
Thank you to the authors and RFC Ed for the changes made to this document.
2009-09-09
07 Cullen Jennings [Ballot discuss]
2009-09-09
07 Cullen Jennings [Ballot Position Update] Position for Cullen Jennings has been changed to Yes from Discuss by Cullen Jennings
2009-08-31
07 Magnus Westerlund Going for second RFC 3932 review due to extensive changes.
2009-08-31
07 Magnus Westerlund Placed on agenda for telechat - 2009-09-10 by Magnus Westerlund
2009-08-12
07 (System) New version available: draft-ford-behave-top-07.txt
2009-06-18
07 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded by Adrian Farrel
2009-06-17
07 Pasi Eronen [Ballot Position Update] New position, No Objection, has been recorded by Pasi Eronen
2009-06-15
07 Lisa Dusseault [Ballot Position Update] New position, No Objection, has been recorded by Lisa Dusseault
2009-06-04
07 Cindy Morgan Telechat date was changed to 2009-06-18 from 2009-06-04 by Cindy Morgan
2009-06-04
07 Cindy Morgan State Changes to IESG Evaluation::AD Followup from IESG Evaluation by Cindy Morgan
2009-06-04
07 Amanda Baber IANA comments:

As described in the IANA Considerations section, we understand this document
to have NO IANA Actions.
2009-06-03
07 Ross Callon [Ballot Position Update] New position, No Objection, has been recorded by Ross Callon
2009-06-03
07 Cullen Jennings
[Ballot discuss]
I think document is confused about how two different interfaces can have the same IP and how that works. The advice about split VPN goes strongly against what the RAI area generally recommends. The advice about blocking IP that match the IP of the access router is really bad and goes against what pretty much every VPN product I could find to test actually does. I would like to talk on the call about if this draft is harmful for VPN deployments and if it should be DNP.
2009-06-03
07 Cullen Jennings [Ballot Position Update] New position, Discuss, has been recorded by Cullen Jennings
2009-06-03
07 Robert Sparks [Ballot Position Update] New position, No Objection, has been recorded by Robert Sparks
2009-06-03
07 Russ Housley [Ballot Position Update] New position, No Objection, has been recorded by Russ Housley
2009-06-03
07 Ron Bonica [Ballot Position Update] New position, No Objection, has been recorded by Ron Bonica
2009-06-03
07 Lars Eggert [Ballot Position Update] New position, No Objection, has been recorded by Lars Eggert
2009-06-02
07 Ralph Droms
[Ballot comment]
I'm confused by the example in section 3.2.4.  Does the example discuss hijacking inbound mail, outbound mail or IMAP/POP access? 

Does this sentence from the second paragraph in 3.2.4 refer to NAT-2 in figure 1.1:

  Ideally, ISPs should not use NAT devices to provide connectivity to
  their customers.

LSNs (large scale NATs) seem to be an inevitable example of deployments like NAT-2.  Perhaps section 3.2.4 could be expanded to explain how NAT-2 and NAT-3 would be configured to accommodate inbound mail to a mail server on Host G?
2009-06-02
07 Ralph Droms [Ballot Position Update] New position, No Objection, has been recorded by Ralph Droms
2009-05-25
07 Magnus Westerlund [Ballot Position Update] New position, Yes, has been recorded for Magnus Westerlund
2009-05-25
07 Magnus Westerlund Ballot has been issued by Magnus Westerlund
2009-05-25
07 Magnus Westerlund Created "Approve" ballot
2009-05-25
07 (System) Ballot writeup text was added
2009-05-25
07 (System) Last call text was added
2009-05-25
07 (System) Ballot approval text was added
2009-05-25
07 Magnus Westerlund State Changes to IESG Evaluation from Publication Requested by Magnus Westerlund
2009-05-25
07 Magnus Westerlund Placed on agenda for telechat - 2009-06-04 by Magnus Westerlund
2009-05-25
07 Magnus Westerlund Note field has been cleared by Magnus Westerlund
2009-05-19
07 Cindy Morgan Removed from agenda for telechat - 2009-05-21 by Cindy Morgan
2009-05-19
07 Magnus Westerlund Responsible AD has been changed to Magnus Westerlund from Russ Housley
2009-05-08
07 Cindy Morgan
IESG,

This document was submitted to the RFC Editor to be published as an
Informational Independent Submission: draft-ford-behave-top-06.txt.

Please let us know if this document conflicts with the IETF standards
process or other work being done in the IETF community.


Unintended Consequence of two NAT deployments with
Overlapping Address Space

This document identifies two deployment scenarios that have arisen
from the unconventional network topologies formed using Network
Address Translator devices (NATs). First, the simplicity of
administering networks through the combination of NAT and DHCP has
increasingly led to the deployment of multi-level inter-connected
private networks involving overlapping private IP address spaces.
Second, the proliferation of private networks in enterprises,
hotels and conferences, and the widespread use of Virtual Private
Networks (VPNs) to access enterprise intranet from remote locations
has increasingly led to overlapping private IP address space
between remote and corporate networks. The document does not
dismiss these unconventional scenarios as invalid, but recognizes
them as real and offers recommendations to help ensure these
deployments can function without a meltdown.


Four week timeout expires on 5 June 2009.
2009-05-08
07 Cindy Morgan Draft Added by Cindy Morgan in state Publication Requested
2009-03-23
06 (System) New version available: draft-ford-behave-top-06.txt
2008-11-25
05 (System) New version available: draft-ford-behave-top-05.txt
2008-10-19
04 (System) New version available: draft-ford-behave-top-04.txt
2006-10-26
03 (System) New version available: draft-ford-behave-top-03.txt
2006-07-31
02 (System) New version available: draft-ford-behave-top-02.txt
2006-03-06
01 (System) New version available: draft-ford-behave-top-01.txt
2005-02-15
00 (System) New version available: draft-ford-behave-top-00.txt