git: 192923674e - main - Status/2024Q3: Status report for EIM NAT project

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Tom Jones <thj_at_FreeBSD.org>
Date: Thu, 03 Oct 2024 08:49:41 UTC
The branch main has been updated by thj:

URL: https://cgit.FreeBSD.org/doc/commit/?id=192923674e8d988bbd2ecb3e1571d9fd4e201cb2

commit 192923674e8d988bbd2ecb3e1571d9fd4e201cb2
Author:     Tom Jones <thj@FreeBSD.org>
AuthorDate: 2024-10-03 08:44:41 +0000
Commit:     Tom Jones <thj@FreeBSD.org>
CommitDate: 2024-10-03 08:49:13 +0000

    Status/2024Q3: Status report for EIM NAT project
    
    Approved by: salvadore
    Differential Revision: https://reviews.freebsd.org/D46869
---
 .../en/status/report-2024-07-2024-09/eim-nat.adoc   | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc b/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc
new file mode 100644
index 0000000000..dadd78f027
--- /dev/null
+++ b/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc
@@ -0,0 +1,21 @@
+=== Endpoint-Independent NAT
+
+Contact: Tom Jones <thj@freebsd.org>
+
+This project aims to add support for Endpoint-Independent Mappings for UDP to the pf and ipfw firewalls.
+
+End Point Independent NAT enables applications behind a NAT speaking to multiple remote hosts to receive the same mappings.
+This allows an application without any NAT traversal mechanisms to work around NAT issues to perform peer discovery.
+From the remote hosts perspective the NAT is transparent and it is as-if there is no NAT at all.
+This form of NAT has been given several names over the last few decades and might be known as 'full-cone' NAT.
+
+Patches to pf landed in early September based on work by Damjan Jovanovic and Naman Sood with updates to work on pf in main.
+The patches add a new 'endpoint-independent' suffix to UDP pf nat rules.
+
+ipfw support for endpoint-independent is going to be made available via libalias, allowing any system which uses libalias for address translation to benefit from the change.
+There is an in-progress review https://reviews.freebsd.org/D46689[D46689] to add support to libalias.
+
+The in-progress change and the committed pf change could both benefit from testing in more and diverse environments.
+
+Sponsor: The FreeBSD Foundation
+Sponsor: Tailscale