From nobody Thu Oct 03 08:49:41 2024 X-Original-To: dev-commits-doc-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XK52t0SxPz5XyPv for ; Thu, 03 Oct 2024 08:49:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XK52s61Dsz43YR; Thu, 3 Oct 2024 08:49:41 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1727945381; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Y+ZO90PQBIrg4T6eOlWrgUX0FjenmTtJtjuXnrAAQwA=; b=eOVmcRa0C6W7voXCYG2/SmmOyumGT1nrmnPPPLpQojxqqfqh0E5AWHS3RrX+lsqJilLg5S 0BKIhEQGUrS2JMQv3jyBBk/kgFtKcrJhLUWNjzVf/SqVDkWobrIlNAa5w98Q+VCUIPWAXg H5VgKqVy7Ma7fhAgSpoSGFQw5Anq3LHkwhW855fEtVe8BZwNiZ0saUciMSeb8NPCHDWtd6 73tVlJZ9u4z7awOu5/2xgEdadUIUUOFcx8EZRVRPwfa8EWTU60gq4YcUqohV9lBtLMovLd jYw4CfC7J5O1LJkC3neapwlVBigaFZLsDeT6q4+V7+o37QLM6lJ5Qvg0KXV/5w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1727945381; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Y+ZO90PQBIrg4T6eOlWrgUX0FjenmTtJtjuXnrAAQwA=; b=OD/Obh9RT7HwBPWMFXQidiqh+Isa5SI/I659/G7l8DzYj+YcoA+9lz/JyES6qT0mCY1lmy 17Kbfhvehxevn8wo1Bd8BBALimfzA8EtwLMt0ifJHZ6i1pVIPReGcspzd3bi/tg7iU6OLs 0+4BIuz4UjjNFYcreQUBpwiPsotfnIhLOi8YBGZMJVdE+1y9/vz6gmyld2zJXjhv07/0k7 a2ziqqGhbTkJn83swasjxS+sA29U9pfLP+Oz4QSCrXwtTtOUdtAAvux30FYfSVXFIgZeuo L3cMZb2dhqK2aNUXIAygE9lAEchvmY3ub7xv6xKJUINUIcfETyyyvYTnnQLEIA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1727945381; a=rsa-sha256; cv=none; b=LoSu9F6s26a9ImHycpoEPwfvk0qt4guU6Qj/8vGOlj09zKBKuIRLU5unxfcCl/R1MMoe6N 2wW8XQ1nB3otIl5Y7qGS05O/V7TLEWPj7suTJNvrsnYs9WcQB6ptYTJNVI0HUlcAMAAgmm uQhOtLqcQpPp72PY0EsTUNKvIilwpkpsoRFH/Z14Y70N8aaqmFHG/XJtMy0sO1uvMJmgNT wXU6zXGFGIw2pyM8oChxAkspS3QmvDytYMFP0QrAZot8x34/KAdeFIORu2AFLerkYc9xfV 65oPGZZqBywCQCWog8pmjNZBuAiyAUYSCMdWB3ZaUC7y3MVMZVcVb34v7goOlQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4XK52s5dQSzkPM; Thu, 3 Oct 2024 08:49:41 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 4938nfJt070663; Thu, 3 Oct 2024 08:49:41 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 4938nfF5070660; Thu, 3 Oct 2024 08:49:41 GMT (envelope-from git) Date: Thu, 3 Oct 2024 08:49:41 GMT Message-Id: <202410030849.4938nfF5070660@gitrepo.freebsd.org> To: doc-committers@FreeBSD.org, dev-commits-doc-all@FreeBSD.org From: Tom Jones Subject: git: 192923674e - main - Status/2024Q3: Status report for EIM NAT project List-Id: Commit messages for all branches of the doc repository List-Archive: https://lists.freebsd.org/archives/dev-commits-doc-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-doc-all@freebsd.org Sender: owner-dev-commits-doc-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: thj X-Git-Repository: doc X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 192923674e8d988bbd2ecb3e1571d9fd4e201cb2 Auto-Submitted: auto-generated The branch main has been updated by thj: URL: https://cgit.FreeBSD.org/doc/commit/?id=192923674e8d988bbd2ecb3e1571d9fd4e201cb2 commit 192923674e8d988bbd2ecb3e1571d9fd4e201cb2 Author: Tom Jones AuthorDate: 2024-10-03 08:44:41 +0000 Commit: Tom Jones CommitDate: 2024-10-03 08:49:13 +0000 Status/2024Q3: Status report for EIM NAT project Approved by: salvadore Differential Revision: https://reviews.freebsd.org/D46869 --- .../en/status/report-2024-07-2024-09/eim-nat.adoc | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc b/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc new file mode 100644 index 0000000000..dadd78f027 --- /dev/null +++ b/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc @@ -0,0 +1,21 @@ +=== Endpoint-Independent NAT + +Contact: Tom Jones + +This project aims to add support for Endpoint-Independent Mappings for UDP to the pf and ipfw firewalls. + +End Point Independent NAT enables applications behind a NAT speaking to multiple remote hosts to receive the same mappings. +This allows an application without any NAT traversal mechanisms to work around NAT issues to perform peer discovery. +From the remote hosts perspective the NAT is transparent and it is as-if there is no NAT at all. +This form of NAT has been given several names over the last few decades and might be known as 'full-cone' NAT. + +Patches to pf landed in early September based on work by Damjan Jovanovic and Naman Sood with updates to work on pf in main. +The patches add a new 'endpoint-independent' suffix to UDP pf nat rules. + +ipfw support for endpoint-independent is going to be made available via libalias, allowing any system which uses libalias for address translation to benefit from the change. +There is an in-progress review https://reviews.freebsd.org/D46689[D46689] to add support to libalias. + +The in-progress change and the committed pf change could both benefit from testing in more and diverse environments. + +Sponsor: The FreeBSD Foundation +Sponsor: Tailscale