Network Address Translation (NAT) Behavioral Requirements for Unicast UDP
RFC 4787
| Document | Type |
RFC - Best Current Practice
(January 2007; No errata)
Also known as BCP 127
|
|
|---|---|---|---|
| Last updated | 2015-10-14 | ||
| Replaces | draft-ietf-behave-nat | ||
| Stream | IETF | ||
| Formats | plain text pdf htmlized bibtex | ||
| Stream | WG state | WG Document | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | RFC 4787 (Best Current Practice) | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | Magnus Westerlund | ||
| Send notices to | (None) | ||
Network Working Group F. Audet, Ed.
Request for Comments: 4787 Nortel Networks
BCP: 127 C. Jennings
Category: Best Current Practice Cisco Systems
January 2007
Network Address Translation (NAT) Behavioral Requirements
for Unicast UDP
Status of This Memo
This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for
improvements. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2007).
Abstract
This document defines basic terminology for describing different
types of Network Address Translation (NAT) behavior when handling
Unicast UDP and also defines a set of requirements that would allow
many applications, such as multimedia communications or online
gaming, to work consistently. Developing NATs that meet this set of
requirements will greatly increase the likelihood that these
applications will function properly.
Audet & Jennings Best Current Practice [Page 1]
RFC 4787 NAT UDP Unicast Requirements January 2007
Table of Contents
1. Applicability Statement . . . . . . . . . . . . . . . . . . . 3
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Network Address and Port Translation Behavior . . . . . . . . 5
4.1. Address and Port Mapping . . . . . . . . . . . . . . . . . 5
4.2. Port Assignment . . . . . . . . . . . . . . . . . . . . . 9
4.2.1. Port Assignment Behavior . . . . . . . . . . . . . . . 9
4.2.2. Port Parity . . . . . . . . . . . . . . . . . . . . . 11
4.2.3. Port Contiguity . . . . . . . . . . . . . . . . . . . 11
4.3. Mapping Refresh . . . . . . . . . . . . . . . . . . . . . 12
4.4. Conflicting Internal and External IP Address Spaces . . . 13
5. Filtering Behavior . . . . . . . . . . . . . . . . . . . . . . 15
6. Hairpinning Behavior . . . . . . . . . . . . . . . . . . . . . 16
7. Application Level Gateways . . . . . . . . . . . . . . . . . . 17
8. Deterministic Properties . . . . . . . . . . . . . . . . . . . 18
9. ICMP Destination Unreachable Behavior . . . . . . . . . . . . 19
10. Fragmentation of Outgoing Packets . . . . . . . . . . . . . . 20
11. Receiving Fragmented Packets . . . . . . . . . . . . . . . . . 20
12. Requirements . . . . . . . . . . . . . . . . . . . . . . . . . 21
13. Security Considerations . . . . . . . . . . . . . . . . . . . 24
14. IAB Considerations . . . . . . . . . . . . . . . . . . . . . . 25
15. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 26
16. References . . . . . . . . . . . . . . . . . . . . . . . . . . 26
16.1. Normative References . . . . . . . . . . . . . . . . . . . 26
16.2. Informative References . . . . . . . . . . . . . . . . . . 26
Audet & Jennings Best Current Practice [Page 2]
RFC 4787 NAT UDP Unicast Requirements January 2007
1. Applicability Statement
The purpose of this specification is to define a set of requirements
for NATs that would allow many applications, such as multimedia
communications or online gaming, to work consistently. Developing
NATs that meet this set of requirements will greatly increase the
likelihood that these applications will function properly.
The requirements of this specification apply to Traditional NATs as
described in [RFC2663].
This document is meant to cover NATs of any size, from small
residential NATs to large Enterprise NATs. However, it should be
understood that Enterprise NATs normally provide much more than just
NAT capabilities; for example, they typically provide firewall
functionalities. A comprehensive description of firewall behaviors
and associated requirements is specifically out-of-scope for this
specification. However, this specification does cover basic firewall
aspects present in NATs (see Section 5).
Approaches using directly signaled control of middle boxes are out of
scope.
UDP Relays (e.g., Traversal Using Relay NAT [TURN]) are out of scope.
Application aspects are out of scope, as the focus here is strictly
on the NAT itself.
This document only covers aspects of NAT traversal related to Unicast
UDP [RFC0768] over IP [RFC0791] and their dependencies on other
protocols.
2. Introduction
Network Address Translators (NATs) are well known to cause very
significant problems with applications that carry IP addresses in the
payload (see [RFC3027]). Applications that suffer from this problem
Show full document text