How to Use Port Control Protocol in NetScaler?

This article describes how to use Port Control Protocol in NetScaler.


In today’s networks NAT device plays an important role providing IPv4 preservation, IPv6 migration, and security and thus the chances of packet translation happening in an end-to-end communication is quite high. In order to have control over these NAT devices, Port Control Protocol was developed (RFC – 6887). Port Control Protocol commonly referred as PCP enables applications and equipment to read/write explicit mappings between an external IP address, protocol and port, and an internal IP address, protocol and port. These explicit mappings allows inbound communication to reach the hosts behind a NAT or firewall.

Why PCP?

With DHCP the internal IP address varies often and thus the external IP address/port also changes frequently. While hosting a service on a server behind firewall or NAT, this frequently changing external IP address/port posts a challenge. Below are the list of problems faced commonly in a NAT environment.


  • Hosting of web services in private network lead to Dynamic DNS issues (change in NAT IP during reallocation of IP)
  • Need to Monitor/Access Home Gateway (HG) devices from outside/office
    • No control over NAT and firewall
    • Have to raise a request to service provider for static mapping
  • Internet of Things (Rapid growth of HG)
    • Keep alive messages takes bandwidth consumption
    • Battery consumption on mobile devices


PCP comes to rescue here by providing the below mentioned support to overcome the above mentioned problems.

  • PCP clients can get updated mappings from NAT device using PCP
  • Give controls to applications/devices at HG
    • Whenever it wants to act as service, it can request its upstream devices
    • Applications decide when the session at upstream devices should terminate

Primary Uses cases for DDNS with PCP

PCP Communication

Port Control Protocol (PCP) keeps device (PCP client) and NAT/CGN server (PCP server) dynamically aware about the change in both internal and external IP address and port number. NetScaler should be able to receive PCP request from any client and provide appropriate response for them.

User-added image

PCP works in a client server model over UDP and uses various OPCODEs are used for performing PCP operations. In NetScaler PCP server can be used with NAT44, NAT64 and DS-Lite.