Internet-Draft                                        Expires: June 1996

Internet-Draft                                                   M. Hurn
                                                          Nationwide b/s
Category: Informational                                     January 1996


                             Extending NAT

                   <draft-rfced-info-hurn-00.txt>

Status of this Memo

   This document is an Internet Draft.  Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups. Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are draft documents valid for a maximum of six
   months.  Internet Drafts may be updated, replaced, or obsoleted by
   other documents at any time.  It is not appropriate to use Internet
   Drafts as reference material or to cite them other than as a
   "workingdraft" or "work in progress."

   To learn the current status of any Internet-Draft, please check the
   "1id-abstracts.txt" listing contained in the internet-drafts Shadow
   Directories on:

         ftp.is.co.za (Africa)
         nic.nordu.net (Europe)
         ds.internic.net (US East Coast)
         ftp.isi.edu (US West Coast)
         munnari.oz.au (Pacific Rim)

Synopsis

This document describes how the addressing scheme of the IP Network
Address Translator (NAT) [1] could be extended.  The extension
exploits the fact that the source port number of a TCP/IP packet can
be any value that the originating host is not currently using for
anything else.

For convenience the term ENAT will be used for the extended addressing
scheme to distinguish it from the original.  ENAT applies equally to
UDP/IP and to TCP/IP, but only the TCP/IP term will be used in this
document.


Introduction

Where NAT systems use a pool of IP addresses, an ENAT system would use
a pool of source ports.

To give an example, assume that the ENAT system is using a single
class C address space (e.g. 192.168.142.x from RFC 1597) on its LAN
segment.  To help with the translation of addresses that outgoing
packets carry in ASCII form inside their application data (the FTP
PORT command is the case discussed in RFC 1631), the host addresses
have been chosen so that every octet is three characters (100-255),
giving a 15 character string for every address in a sub-domain such as
a corporate network.  An address rewritten inside the data then does
not change the packet length, so the TCP sequence numbers of what
follows need no adjustment.  This assumes that the receiving host can
handle the leading zeroes needed to pad the WAN address to the same
width (172.016.042.056 for 172.16.42.56 in the examples below).  Note
that a parser following the BSD inet_aton() rules treats an octet with
a leading zero as octal and would read 172.016.042.056 as
172.14.34.46.  (See RFC 1631 for the full explanation.)

The address space is therefore split in two:

192.168.142.0 to 192.168.142.99, and 192.168.142.255, are reserved for
use by the ENAT system.

The rest, 192.168.142.100 to 192.168.142.254, can be assigned to the
PCs dynamically by the ENAT system using DHCP [2], or manually.
(Dynamic assignment is the preferred option.)
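The fixed-width address rendering described above, as an added example
that is not part of the original draft (the function names are my own):
pad_addr() produces the 15 character form, rewrite_payload() substitutes
a LAN address carried in application data without changing the segment
length, strict_decimal() is the reading of the padded string the draft
assumes, and bsd_inet_aton() models what a receiver whose parser follows
the BSD inet_aton() rules makes of the leading zeros.

```python
# Added example (not from the draft): the 15-character address rendering
# the draft relies on, an in-payload rewrite that keeps the segment length
# constant, and a check of what a BSD-style inet_aton() parser makes of
# the leading zeros.  All function names are my own.


def pad_addr(addr: str) -> str:
    """Render an IPv4 address with every octet exactly three characters wide,
    e.g. 172.16.42.56 -> 172.016.042.056.  Addresses whose octets are all
    100-255, as the draft's LAN plan requires, come back unchanged."""
    octets = [int(o, 10) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {addr!r}")
    return ".".join(f"{o:03d}" for o in octets)


def rewrite_payload(payload: bytes, lan_addr: str, wan_addr: str) -> bytes:
    """Replace an ASCII LAN address carried in application data (the FTP
    PORT case from RFC 1631) with the padded WAN address.  Both strings are
    15 bytes, so the TCP segment length, and hence the sequence numbers of
    everything that follows, are untouched."""
    old = lan_addr.encode("ascii")
    new = pad_addr(wan_addr).encode("ascii")
    if len(old) != len(new):
        # A LAN address outside the 100-255 plan is exactly the case where
        # a full translator would have to fix up sequence numbers.
        raise ValueError(f"rewrite would change length: {lan_addr} -> {wan_addr}")
    return payload.replace(old, new)


def strict_decimal(addr: str) -> tuple:
    """The reading the draft assumes of the receiver: every octet is
    decimal and leading zeros are insignificant."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {addr!r}")
    octets = tuple(int(p, 10) for p in parts)
    if any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"octet out of range: {addr!r}")
    return octets


def bsd_inet_aton(addr: str) -> tuple:
    """What the classic BSD inet_aton() (and libc parsers derived from it)
    does with the same string: a component beginning with 0x is hexadecimal
    and one beginning with 0 is octal.  Only the four-part a.b.c.d form is
    modelled here; the real function also accepts one- to three-part forms."""
    parts = addr.split(".")
    if len(parts) != 4:
        raise ValueError(f"only the a.b.c.d form is modelled: {addr!r}")
    octets = []
    for p in parts:
        if p[:2].lower() == "0x":
            octets.append(int(p[2:], 16))
        elif len(p) > 1 and p[0] == "0":
            octets.append(int(p, 8))
        else:
            octets.append(int(p, 10))
    if any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"octet out of range: {addr!r}")
    return tuple(octets)


def padded_is_safe(addr: str) -> bool:
    """True when a peer parsing pad_addr(addr) the BSD way still gets addr,
    i.e. when no octet of addr is below 100 and no padding was needed."""
    return bsd_inet_aton(pad_addr(addr)) == strict_decimal(addr)
```

padded_is_safe() is the check to run over a site's WAN addresses before
relying on the padding: it passes only when every octet is already 100
or above, which is to say only when no padding happens at all.  For the
172.16.42.56 of the examples below it fails, because an octal parser
turns 172.016.042.056 into 172.14.34.46.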

For its WAN interface the ENAT system could use a pre-assigned IP
address from the user's ISP, or obtain one dynamically from the ISP
using DHCP.

The ENAT system dynamically translates the address and port used by
the PC to the IP address of the WAN interface and a port number that is
not currently in use.  This works provided the ENAT system keeps track
of which of its TCP ports are in use and which LAN address and port
each was allocated to, so that replies arriving on that port can be
translated back.

Therefore the ENAT system simply uses extra TCP ports instead of extra
IP addresses.

It is intended that an ENAT system will also act as a DNS server and
as a proxy server for the main applications (e.g. mail, web).  Traffic
that goes through a proxy originates from the ENAT system's own
address, so the more that is proxied the less needs address
translation.

In the following examples each address is prefixed with S or D to
indicate the source or destination address, and the port number follows
in parentheses, thus (42).

   PC1    Host1          Host2   Host3    PC2
 ...101  ...102         ...101  ...102  ...103
  |        |                |       |       |
 ------------              -------------------
      |  192.168.142.                 |  192.168.142.
      |                               |
    ...001                         ...001
  +-------+                      +-------+
  | ENAT1 |                      | ENAT2 |
  +-------+                      +-------+
 172.16.42.56                   172.30.5.60
      |                              |
   /----------------------------------------\
   |                                        |
   |             The Internet               |
   |                                        |
   \----------------------------------------/
                       |
                  10.234.55.46
                     Host4

PC1 sends an SMTP packet to Host2

PC1 to ENAT1     S192.168.142.101(120) D172.30.5.60(25)
ENAT1 to ENAT2   S172.016.042.056(222) D172.30.5.60(25)
ENAT2 to Host2   S172.016.042.056(222) D192.168.142.101(25)

Host2 has no address visible from the Internet, so for ENAT2 to deliver
the packet it must have a configured table that maps each service (port
number) to the local host that provides it.  (The translated source
address is shown zero-padded to 15 characters, as described above.)

PC2 sends a TFTP packet to Host4

PC2 to ENAT2     S192.168.142.103(456) D10.234.55.46(69)
ENAT2 to Host4   S172.030.005.060(753) D10.234.55.46(69)
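The two exchanges above, worked through as an added example that is not
part of the original draft.  The Enat class, the port pools starting at
222 and 753 and the TFTP reply port 3500 are my own constructions chosen
to reproduce the draft's numbers; Host2 is taken to be 192.168.142.101
as in the diagram.  The draft does not say how a reply from a host
reached through the service table is translated, so here a service-table
hit installs a static mapping that keeps Host2's replies on port 25,
which is the port PC1 is waiting on.

```python
# Added example (not from the draft): a minimal ENAT translation table
# walked through the draft's SMTP and TFTP examples.  Class, function and
# pool values are my own constructions.
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


def fmt(p: Packet) -> str:
    """The draft's S<addr>(<port>) D<addr>(<port>) notation, unpadded."""
    return f"S{p.src}({p.sport}) D{p.dst}({p.dport})"


class Enat:
    def __init__(self, wan_addr, port_pool, services=None):
        self.wan = wan_addr
        self.free = list(port_pool)            # WAN ports not currently in use
        self.out = {}                          # (lan_ip, lan_port) -> wan_port
        self.back = {}                         # wan_port -> (lan_ip, lan_port)
        self.services = dict(services or {})   # WAN dport -> LAN host serving it

    def _bind(self, lan_ip, lan_port, wan_port):
        self.out[(lan_ip, lan_port)] = wan_port
        self.back[wan_port] = (lan_ip, lan_port)

    def outbound(self, pkt: Packet) -> Packet:
        """LAN -> WAN: reuse the mapping for this (address, port) or take the
        next free WAN port.  Exhaustion is reported, never papered over by
        reusing a port that is still bound."""
        wan_port = self.out.get((pkt.src, pkt.sport))
        if wan_port is None:
            if not self.free:
                raise RuntimeError("WAN port pool exhausted")
            wan_port = self.free.pop(0)
            self._bind(pkt.src, pkt.sport, wan_port)
        return Packet(self.wan, wan_port, pkt.dst, pkt.dport)

    def inbound(self, pkt: Packet):
        """WAN -> LAN.  Returns the translated packet, or None to drop it."""
        if pkt.dst != self.wan:
            return None
        if pkt.dport in self.back:
            # Keyed by WAN port only, not by remote address and port: a TFTP
            # server answers from a fresh port (its TID), so a table that
            # also matched the remote port would drop the reply.  The cost
            # is that any host that learns the port can send into it.
            lan_ip, lan_port = self.back[pkt.dport]
            return Packet(pkt.src, pkt.sport, lan_ip, lan_port)
        host = self.services.get(pkt.dport)
        if host is None:
            return None                        # unsolicited, not a served port
        # Static mapping so the server's replies keep the well-known port.
        self._bind(host, pkt.dport, pkt.dport)
        return Packet(pkt.src, pkt.sport, host, pkt.dport)

    def release(self, lan_ip, lan_port):
        """Connection closed: return the WAN port to the pool.  A port given
        back too early lets a late packet for the old flow reach whoever is
        allocated it next, so a real system would hold it for a while."""
        wan_port = self.out.pop((lan_ip, lan_port))
        del self.back[wan_port]
        if wan_port not in self.services:      # never pool a service port
            self.free.append(wan_port)


# Constructed to reproduce the draft's numbers: the pools start at 222 and
# 753, and Host2 (192.168.142.101 in the diagram) serves SMTP behind ENAT2.
ENAT1 = Enat("172.16.42.56", range(222, 1024))
ENAT2 = Enat("172.30.5.60", range(753, 1024), services={25: "192.168.142.101"})


def smtp_example():
    """PC1 -> Host2 and Host2's reply, as the four translated packets."""
    pc1 = Packet("192.168.142.101", 120, "172.30.5.60", 25)
    to_enat2 = ENAT1.outbound(pc1)
    to_host2 = ENAT2.inbound(to_enat2)
    reply = Packet(to_host2.dst, to_host2.dport, to_host2.src, to_host2.sport)
    to_enat1 = ENAT2.outbound(reply)
    to_pc1 = ENAT1.inbound(to_enat1)
    return to_enat2, to_host2, to_enat1, to_pc1


def tftp_example():
    """PC2 -> Host4 and the reply from Host4's transfer port (3500, made up)."""
    pc2 = Packet("192.168.142.103", 456, "10.234.55.46", 69)
    to_host4 = ENAT2.outbound(pc2)
    reply = Packet("10.234.55.46", 3500, to_host4.src, to_host4.sport)
    return to_host4, ENAT2.inbound(reply)
```

Running smtp_example() reproduces the three lines of the SMTP example
(without the zero padding) and adds the return path; tftp_example()
shows why the reverse lookup is keyed by the WAN port alone.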

References

[1]     Egevang, K., and P. Francis, "The IP Network Address
        Translator (NAT)", RFC 1631, May 1994.

[2]     Droms, R., "Dynamic Host Configuration Protocol", RFC 1541,
        Bucknell University, October 1993.

Security Considerations

Security issues are not discussed in this memo.

Author's Address

Mike Hurn
Nationwide Building Society
Network Support
Pipers Way
Swindon
SN38 1NS
England

Phone: +44 (0)1793 456412
EMail: mikeh@bcs.org.uk

