Page MenuHomeFreeBSD
Files F154272244

D46869.id144161.diff
No OneTemporary
Actions

D46869.id144161.diff
View Options

diff --git a/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc b/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc
new file mode 100644
--- /dev/null
+++ b/website/content/en/status/report-2024-07-2024-09/eim-nat.adoc
@@ -0,0 +1,21 @@
+=== Endpoint-Independent NAT
+
+Contact: Tom Jones <thj@freebsd.org>
+
+This project aims to add support for Endpoint-Independent Mappings for UDP to the pf and ipfw firewalls.
+
+End Point Independent NAT enables applications behind a NAT speaking to multiple remote hosts to receive the same mappings.
+This allows an application without any NAT traversal mechanisms to work around NAT issues to perform peer discovery.
+From the remote hosts perspective the NAT is transparent and it is as-if there is no NAT at all.
+This form of NAT has been given several names over the last few decades and might be known as 'full-cone' NAT.
+
+Patches to pf landed in early September based on work by Damjan Jovanovic and Naman Sood with updates to work on pf in main.
+The patches add a new 'endpoint-independent' suffix to UDP pf nat rules.
+
+ipfw support for endpoint-independent is going to be made available via libalias, allowing any system which uses libalias for address translation to benefit from the change.
+There is an in-progress review https://reviews.freebsd.org/D46689[D46689] to add support to libalias.
+
+The in-progress change and the committed pf change could both benefit from testing in more and diverse environments.
+
+Sponsor: The FreeBSD Foundation
+Sponsor: Tailscale

File Metadata

Mime Type
text/plain
Expires
Tue, Apr 28, 12:53 PM (11 m, 41 s)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
32278880
Default Alt Text
D46869.id144161.diff (1 KB)

Event Timeline