<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi John,</p>
<p>As you point out the restriction was there to ease management. If
management can be done through a NAT then I suppose we could allow
exceptions under situations such as those you describe below.</p>
<p>I am still not entirely comfortable with NATs since they add
another layer to be configured properly and a dependence on
another machine. But if you feel comfortable with them then I have
no objection.</p>
<p>Just curious, is there a good reason why they want to put a
testbed machine behind a NAT? Is it lack of routable IP addresses
or something else?<br>
</p>
<p>Christos.</p>
<p><br>
</p>
<br>
<div class="moz-cite-prefix">On 04/09/2017 05:10 PM, Dehart, John
wrote:<br>
</div>
<blockquote
cite="mid:09E88C67-DA2D-4B70-96CA-21DE7316F1F5@wustl.edu"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div class=""><br class="">
</div>
Alex,
<div class=""><br class="">
</div>
<div class="">The site still has to be configured so that we get
ports that are acceptable.</div>
<div class="">Perhaps we don’t get external port 80 but our end
can use alternate ports.</div>
<div class="">We have one site where we don’t get port 80 but we
use port 8080.</div>
<div class="">There is another site where we don’t get port 22,
but they have configured</div>
<div class="">external port 22222 to get translated to port 22 on
the site node behind the NAT.</div>
<div class=""><br class="">
</div>
<div class="">So, it is not automatic. There is configuration
needed at the site end and</div>
<div class="">at our end.</div>
<div class=""><br class="">
</div>
<div class="">It is perhaps not ideal but it is manageable.</div>
<div class=""><br class="">
</div>
<div class="">John</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
<div>
<blockquote type="cite" class="">
<div class="">On Apr 9, 2017, at 5:33 PM, Alex Afanasyev
<<a moz-do-not-send="true" href="mailto:aa@CS.UCLA.EDU"
class="">aa@CS.UCLA.EDU</a>> wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<div dir="ltr" class="">How would you manage such a node?
If it is behind the NAT (without any ports redirected,
then it will only be able establish connectivity to the
testbed and there could be issues getting status (from
web interface).
<div class=""><br class="">
</div>
<div class="">--</div>
<div class="">Alex</div>
<div class=""><br class="">
</div>
</div>
<div class="gmail_extra"><br class="">
<div class="gmail_quote">On Sun, Apr 9, 2017 at 3:12 PM,
Dehart, John <span dir="ltr" class="">
<<a moz-do-not-send="true"
href="mailto:jdd@wustl.edu" target="_blank"
class="">jdd@wustl.edu</a>></span> wrote:<br
class="">
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div style="word-wrap:break-word" class="">
<div class=""><br class="">
</div>
<div class="">All:</div>
<div class=""><br class="">
</div>
<div class="">In our policy statement (<a
moz-do-not-send="true"
href="https://named-data.net/ndn-testbed/policies-connecting-nodes-ndn-testbed/"
target="_blank" class="">https://named-data.net/ndn-<wbr
class="">testbed/policies-connecting-<wbr
class="">nodes-ndn-testbed/</a>)</div>
<div class="">for a site joining the NDN Testbed,
we state:</div>
<div class=""><br class="">
</div>
<div class="">"<span
style="color:rgb(34,34,34);font-family:'Helvetica
Neue',Helvetica,Helvetica,Arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)"
class="">The machine may be a dedicated
physical box or a virtual machine (VM) with a </span></div>
<div class=""><span
style="color:rgb(34,34,34);font-family:'Helvetica
Neue',Helvetica,Helvetica,Arial,sans-serif;font-size:14px;background-color:rgb(255,255,255)"
class=""> publicly routable IP address (i.e.,
should not be behind a NAT). </span><font
class="" color="#222222" face="Helvetica Neue,
Helvetica, Helvetica, Arial, sans-serif"><span
style="font-size:14px" class="">“</span></font></div>
<div class=""><br class="">
</div>
<div class="">I would like to lift the restriction
about being behind a NAT. I believe that we
originally put</div>
<div class="">that stipulation in the policy as a
convenience to us as we managed the NDN Testbed.</div>
<div class="">We have already been flexible with a
couple of sites that wanted or needed to be
behind a NAT. </div>
<div class="">So far, I do not have any evidence
that this has caused any problems. We do have an
issue with</div>
<div class="">one site that happens to be behind a
NAT but at this time I do not think the NAT is
causing the problem.</div>
<div class=""><br class="">
</div>
<div class="">Does anyone have any concrete
reasons why an NDN node on the NDN Testbed
should</div>
<div class="">NOT be allowed to be behind a NAT?</div>
<div class=""><br class="">
</div>
<div class="">Thanks,</div>
<div class="">John</div>
<div class=""><br class="">
</div>
</div>
<br class="">
______________________________<wbr class="">_________________<br
class="">
Nfd-dev mailing list<br class="">
<a moz-do-not-send="true"
href="mailto:Nfd-dev@lists.cs.ucla.edu" class="">Nfd-dev@lists.cs.ucla.edu</a><br
class="">
<a moz-do-not-send="true"
href="http://www.lists.cs.ucla.edu/mailman/listinfo/nfd-dev"
rel="noreferrer" target="_blank" class="">http://www.lists.cs.ucla.edu/<wbr
class="">mailman/listinfo/nfd-dev</a><br
class="">
<br class="">
</blockquote>
</div>
<br class="">
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Nfd-dev mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Nfd-dev@lists.cs.ucla.edu">Nfd-dev@lists.cs.ucla.edu</a>
<a class="moz-txt-link-freetext" href="http://www.lists.cs.ucla.edu/mailman/listinfo/nfd-dev">http://www.lists.cs.ucla.edu/mailman/listinfo/nfd-dev</a>
</pre>
</blockquote>
<br>
</body>
</html>