The End-To-End Internet (was Re: Blocking MX query)

Masataka Ohta mohta at necom830.hpcl.titech.ac.jp
Fri Sep 7 01:50:15 CDT 2012


Sean Harlow wrote:

> None of these options are impacted by being behind a NAT as long
> as they have the ability to open a port via UPnP or equivalent,
> so if in an ideal world all client software understood SRV
> records this particular negative of NAT would be of minimal impact.

My point is that the impact can be minimized if

   1) a set of port numbers is statically allocated to a host behind
   NAT without UPnP or PCP, just as allocating a static address to a
   host, which means there is no security concern w.r.t. dynamic
   assignment. Dynamic DNS update is not necessary, either.

   UPnP or PCP can still be used to collect information for reverse
   translation.

   2) reverse translation can be performed by network and/or transport
   layer without involving applications, which makes modifications to
   application programs completely unnecessary. I have already
   confirmed that ftp PORT command works transparently.

> Of course the real world is nowhere close to ideal and
> personally SIP phones and Jabber clients are the only things
> I've ever observed widely using SRV records,

As we can explicitly specify port numbers in URLs, support for
SRV is not very essential.

But, SRV will be more commonly used as PCP will be deployed.

						Masataka Ohta



