draft-macdonald-behave-nat-behavior-discovery-00

1
draft-macdonald-behave-nat-behavior-discovery-00

• Derek MacDonald
• Bruce Lowekamp

2
Overview

• Updates the behavior discovery operations from
  3489 to 3489bis
• Emphasizes that the results are not reliable and
  only give the current behavior of the NAT these
  tests cannot be used to avoid other NAT traversal
  approaches. Caveat Emptor.

3
Use Cases

• P2PSIP endpoints to check if they might be a good
  peer or supernode candidate
• Administrative diagnostics and information
• Applications can select initial operating modes
  and optimizations
• None of this implies that applications should use
  this as a replacement for other NAT traversal
  techniques!

4
Usage Discovery Issue

• SRV Target
• Yes, but target should point to same port as
  binding usage
• Multiplexing
• Draft used empty OTHER-ADDRESS
• New proposal add a new OTHER-ADDRESS-REQUEST
  optional attribute to request server respond with
  OTHER-ADDRESS
• 3489 will always include OTHER-ADDRESS in reply

5
RESPONSE-ADDRESS Security

• Draft says server must maintain state to only
  follow RESPONSE-ADDRESS if a pervious request was
  received from that address
• Is this too strong?
• No amplification
• It requires state in the server
• Could rate-limit

6
Next Steps

• Adopt as working group item