A new IETF draft by Mohamed Boucadair (France Telecom) and Tirumaleswar Reddy, Prashanth Patil, and Dan Wing (pictured) of Cisco aims to provide granular policy management and enforcement for multiple devices behind a single NAT address.
"This document describes how to use PCP to retrieve the identity of a host behind a NAT. Two use cases are discussed and the PCP applicability is analyzed. This document extends PCP with a new OpCode: QUERY. The proposed mechanism is valid for all NAT flavors including NAT44, NAT64 or NPTv6."
The PCP (Port Control Protocol) QUERY opcode "can be used to query PCP-aware NAT to retrieve the Internal IP Address and Internal Port of a given mapping."
PCP Mapping IPv6 and IPv4 (Source: Cisco)
See "Using PCP to Reveal a Host behind NAT" - here.