RFC 7652

Port Control Protocol (PCP) Authentication Mechanism, September 2015

File formats:
icon for text file icon for PDF icon for HTML
RFC 6887
M. Cullen
S. Hartman
D. Zhang
T. Reddy
pcp (int)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC7652

Discuss this RFC: Send questions or comments to the mailing list pcp@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 7652


An IPv4 or IPv6 host can use the Port Control Protocol (PCP) to flexibly manage the IP address-mapping and port-mapping information on Network Address Translators (NATs) or firewalls to facilitate communication with remote hosts. However, the uncontrolled generation or deletion of IP address mappings on such network devices may cause security risks and should be avoided. In some cases, the client may need to prove that it is authorized to modify, create, or delete PCP mappings. This document describes an in-band authentication mechanism for PCP that can be used in those cases. The Extensible Authentication Protocol (EAP) is used to perform authentication between PCP devices.

This document updates RFC 6887.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.

Advanced Search