[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: on NAT-PT
> > it looks that you mean something else, like avoiding the use of
> > DNS-ALG from NAT-PT (= alter NAT-PT spec). i don't see real
> > technical ground for that.
>
> There is some ground: the possibility to use NAT-PT when the remote
> address is learned outside of the DNS channel.
more generally, the possibility to selectively enable NAT-PT for specific
services while leaving it disabled for others, regardless of how the
application learns which address(es) to use.
e.g. to support IPv6 access to a domain's v4-only SMTP servers I would
like to be able to set up MX records for that domain that point to DNS
names that resolve to v6 addresses of NAT-PT boxes that will forward
the SMTP traffic to the v4-only SMTP servers. the primary MX records
can point to v4 addresses, secondary MX records can point to NAT-PT
boxes. that way the mail will be accepted even from v6-only clients.
similar techniques can be used with SRV records, or with other protocols
that do referrals.
what I do not want is to have those NAT-PT boxes try to intercept all
traffic to a particular domain, because this will break some apps.
I'd much rather be able to specify handling on a per-port or per-service
basis, even if that means returning 'connection refused' for some ports.
- References:
- RE: on NAT-PT
- From: "Christian Huitema" <huitema@windows.microsoft.com>