Internet-Draft                                                  M. Hurn
Expires: June 1996                                        Nationwide b/s
Category: Informational                                    January 1996


                              Extending NAT


Status of this Memo

   This document is an Internet Draft. Internet Drafts are working
   documents of the Internet Engineering Task Force (IETF), its Areas,
   and its Working Groups. Note that other groups may also distribute
   working documents as Internet Drafts.

   Internet Drafts are draft documents valid for a maximum of six
   months. Internet Drafts may be updated, replaced, or obsoleted by
   other documents at any time. It is not appropriate to use Internet
   Drafts as reference material or to cite them other than as a
   "working draft" or "work in progress."

   To learn the current status of any Internet-Draft, please check the
   "1id-abstracts.txt" listing contained in the internet-drafts Shadow
   Directories on:

      ftp.is.co.za      (Africa)
      nic.nordu.net     (Europe)
      ds.internic.net   (US East Coast)
      ftp.isi.edu       (US West Coast)
      munnari.oz.au     (Pacific Rim)

Synopsis

   This document describes how the addressing scheme of the "IP Network
   Address Translator (NAT)" [1] could be extended. The extension
   exploits the fact that the source port number in a full TCP/IP
   packet can be any value that the originating host is not currently
   using for anything else. For convenience the term ENAT will be used
   for the extended addressing scheme to distinguish it from the
   original. ENAT could be used equally for UDP/IP as well as TCP/IP,
   but only the TCP/IP term will be used in this document.

Introduction

   Where NAT systems use a pool of IP addresses, an ENAT system would
   use a pool of source ports.

   To give an example I will assume that the ENAT system is using a
   single class C address space (e.g. 192.168.142.x from RFC 1597) on
   its LAN segment. To help with the address translation for all
   outgoing packets, the addresses have been chosen to give all IP
   octets in the address 3 ASCII characters (100-255), giving a 15
   character string for all addresses in a sub domain such as a
   corporate network. This is to keep the packet size constant and
   assumes the receiving host can handle leading zeroes. (See RFC 1631
   for the full explanation.)

   The address space has therefore been split into two: 192.168.142.0
   to 192.168.142.99 and 192.168.142.255, reserved for use by the ENAT
   system. The rest, 192.168.142.100 to 192.168.142.254, can be
   dynamically assigned to the PCs by the system using DHCP [2], or
   they could be manually assigned to the PCs. (Dynamic assignment is
   the preferred option.)

   For the WAN interface the ENAT system could use a pre-assigned IP
   address from the user's ISP, or dynamically obtain its IP address
   from the ISP by using DHCP.

   The ENAT system will dynamically translate the address and port used
   by the PC to the IP address of the WAN interface and an unused port
   number. This I believe will work if the ENAT system keeps track of
   the TCP ports that have been used. Therefore the ENAT system simply
   uses extra TCP ports instead of extra IP addresses.

   It is intended that an ENAT system will work as a DNS server as well
   as a proxy server for most of the main applications (e.g. mail, web
   etc). In this way, by using proxies, there will be less need for
   address translation.

   In the following examples the IP addresses will be prefixed to
   indicate Source/Destination address and have the port number
   indicated thus (42).

        PC1      Host1              Host2    Host3     PC2
       ...101    ...102             ...101   ...102   ...103
         |         |                  |        |        |
         -----------                  --------------------
              | 192.168.142.                  | 192.168.142.
              |   ...001                      |   ...001
          +-------+                       +-------+
          | ENAT1 |                       | ENAT2 |
          +-------+                       +-------+
         172.16.42.56                    172.30.5.60
              |                               |
          /----------------------------------------\
          |                                        |
          |              The Internet              |
          |                                        |
          \----------------------------------------/
                              |
                        10.234.55.46
                            Host4

   PC1 sends an SMTP packet to Host2

      PC1 to ENAT1     S192.168.142.101(120)   D172.30.5.60(25)
      ENAT1 to ENAT2   S172.016.042.056(222)   D172.30.5.60(25)
      ENAT2 to Host2   S172.016.042.056(222)   D192.168.142.104(25)

   This implies that the ENAT systems have a configured table that maps
   service (port number) to the local host that provides that service.

   PC2 sends a TFTP packet to Host4

      PC2 to ENAT2     S192.168.142.103(456)   D10.234.55.46(69)
      ENAT2 to Host4   S172.030.005.060(753)   D10.234.55.46(69)

References

   [1] Francis, P. and K. Egevang, "The IP Network Address Translator
       (NAT)", RFC 1631.

   [2] Droms, R., "Dynamic Host Configuration Protocol", RFC 1541,
       Bucknell University, October 1993.

Security Considerations

   Security issues are not discussed in this memo.

Author's Address

   Mike Hurn
   Nationwide Building Society
   Network Support
   Pipers Way
   Swindon SN38 1NS
   England

   Phone: +44 (0)1793 456412
   EMail: mikeh@bcs.org.uk
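The two exchanges in the Introduction, worked through as an added example that is not part of the draft: a Python sketch of the ENAT state table that hands each new inside flow an unused WAN port, reverses the mapping for replies, consults the configured service table for inbound connections, and drops anything it has no mapping for. The Packet type, the class and function names, and a port pool starting at 1024 are assumptions (the draft's example happens to use port 222; this sketch allocates the lowest free port instead).

```python
from collections import namedtuple
from typing import Dict, Optional, Tuple

Packet = namedtuple("Packet", "src sport dst dport")  # IP/TCP header fields (assumed type)


def pad_addr(addr: str) -> str:
    """Three digits per octet, as in the draft (172.16.42.56 -> 172.016.042.056)."""
    return ".".join(f"{int(o):03d}" for o in addr.split("."))


class ENAT:
    """Port-pool translator: inside (addr, port) <-> (WAN addr, unused WAN port)."""

    def __init__(self, wan: str, services: Optional[Dict[int, str]] = None, first_port: int = 1024):
        self.wan = pad_addr(wan)
        self.services = dict(services or {})  # dport -> inside host providing that service
        self.out: Dict[Tuple[str, int, str, int], int] = {}  # inside flow -> WAN port
        self.back: Dict[Tuple[int, str, int], Tuple[str, int]] = {}  # (WAN port, peer) -> inside
        self.first_port = first_port  # assumed start of the port pool

    def _alloc(self) -> int:
        used = set(self.out.values())  # ports currently held by translated flows
        for port in range(self.first_port, 65536):
            if port not in used:
                return port
        raise RuntimeError("port pool exhausted")

    def outbound(self, p: Packet) -> Packet:
        key = (p.src, p.sport, pad_addr(p.dst), p.dport)
        if key not in self.out:  # new flow: take a free WAN port and remember both directions
            port = self._alloc()
            self.out[key] = port
            self.back[(port, key[2], p.dport)] = (p.src, p.sport)
        return Packet(self.wan, self.out[key], p.dst, p.dport)

    def inbound(self, p: Packet) -> Optional[Packet]:
        if pad_addr(p.dst) != self.wan:
            return None  # not addressed to this WAN interface
        inside = self.back.get((p.dport, pad_addr(p.src), p.sport))
        if inside is not None:  # reply to a flow we translated
            return Packet(p.src, p.sport, inside[0], inside[1])
        if p.dport in self.services:  # configured service table (e.g. 25 -> mail host)
            return Packet(p.src, p.sport, self.services[p.dport], p.dport)
        return None  # unsolicited and no mapping: dropped

    def close(self, p: Packet) -> None:
        """Release the WAN port once the inside flow has finished."""
        key = (p.src, p.sport, pad_addr(p.dst), p.dport)
        port = self.out.pop(key, None)
        if port is not None:
            self.back.pop((port, key[2], p.dport), None)
```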