[c-nsp] NAT and hairpin's

Wink dwinkworth at wi.rr.com
Thu Jul 17 10:23:22 EDT 2008


see:

ftp://ftp.rfc-editor.org/in-notes/internet-drafts/draft-ietf-behave-tcp-07.txt

and

http://tools.ietf.org/html/rfc4787



See section 7.2 in the first.  It looks like what you are asking for 
will be required of all NAT implementations soon for TCP.  It is already 
a BCP and a "requirement" for UDP.

Geyer, Nick wrote:
> Hi Everyone,
>
> Just wondering if anyone has come up with a way to hairpin traffic using
> a Cisco router? The problem is as follows;
>
> Say for example I have a router connecting to the Internet and an
> internal LAN doing normal NAT, e.g.;
>
> 203.1.2.3 -> ROUTER <- 192.168.1.0/24 (203.1.2.3 being the public IP on
> the "outside" interface)
>
> I have an application that talks from clients on the Internet to an
> internal server (192.168.1.1), with the appropriate static NATs set up
> on the router to forward the traffic. The problem is the internal
> clients also need to talk to the server but on the public IP address
> (203.1.2.3). The traffic from the internal clients will hit the router
> but it won't translate and forward the traffic because it's coming from
> the "inside" interface (and the static NAT only works for requests from
> the outside interface).
>
> I don't believe it can be done but just thought I would ask in case
> anyone has come up with a weird and wonderful way.
>
> Cheers,
>
> Nick Geyer.

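Added example (not part of the original message or of the cited documents): a small Python model of the topology in the quoted question, showing why a hairpinned connection only works when the router rewrites the source as well as the destination, which is the "External source IP address and port" hairpinning behaviour RFC 4787 requires. The client address 192.168.1.50 and all port numbers are constructed, and the model assumes client and server share the LAN, so an untranslated reply never passes back through the router.

```python
from typing import NamedTuple

class Pkt(NamedTuple):
    src: tuple  # (ip, port)
    dst: tuple  # (ip, port)

# Addresses are from the post; the ports are constructed for illustration.
PUBLIC_IP = "203.1.2.3"
SERVER = ("192.168.1.1", 80)
STATIC = {(PUBLIC_IP, 80): SERVER}  # static NAT: public endpoint -> inside server

class Nat:
    def __init__(self, hairpin_source_nat):
        self.hairpin_source_nat = hairpin_source_nat
        self.dynamic = {}        # external (ip, port) -> inside client endpoint
        self.next_port = 62000   # constructed port pool

    def from_inside(self, pkt):
        """Inside client packet addressed to the public IP: apply the static map."""
        dst = STATIC[pkt.dst]
        src = pkt.src
        if self.hairpin_source_nat:
            # Present the client to the server under an external address too.
            src = (PUBLIC_IP, self.next_port)
            self.next_port += 1
            self.dynamic[src] = pkt.src
        return Pkt(src, dst)

    def reply_path(self, reply):
        """Return the server's reply as the client finally sees it."""
        if reply.dst in self.dynamic:
            # Reply is addressed to the router: reverse both translations.
            public = next(k for k, v in STATIC.items() if v == reply.src)
            return Pkt(public, self.dynamic[reply.dst])
        # Same subnet: delivered straight to the client, untranslated.
        return reply

def client_accepts(hairpin_source_nat):
    nat = Nat(hairpin_source_nat)
    sent = Pkt(("192.168.1.50", 40000), (PUBLIC_IP, 80))
    at_server = nat.from_inside(sent)
    reply = Pkt(at_server.dst, at_server.src)  # server answers the source it saw
    seen = nat.reply_path(reply)
    # The client's socket only matches a reply that mirrors what it sent.
    return seen == Pkt(sent.dst, sent.src), at_server, seen

if __name__ == "__main__":
    for mode in (False, True):
        print(mode, client_accepts(mode))
```

With destination-only translation the reply arrives from 192.168.1.1 rather than 203.1.2.3, so the client drops it; with the source also mapped to the external address the reply returns through the router and matches.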