nanog mailing list archives

Re: end2end? (was: RE: Where NAT disenfranchises the end-user ...)
From: Leo Bicknell <bicknell () ufp org>
Date: Fri, 7 Sep 2001 14:49:46 -0400


On Fri, Sep 07, 2001 at 10:55:49AM -0700, Mike Batchelor wrote:
> NAT rewrites certain packet data fields (src addr, src port, sometimes mac
> addr).  So does an ordinary router (ttl decrement).  One breaks end2end, the
> other does not.  What is the difference?

NAT rewrites more than that; try reading
http://www.cisco.com/warp/public/cc/pd/iosw/ioft/ionetn/prodlit/1195_pp.htm

In particular, it rewrites addresses _in the data portion of the packet_
for the following protocols:

ICMP, FTP, NetBIOS, RealAudio, CuSeeMe, DNS, Netmeeting, H.323, PPTP and
several others.

That's what makes it violate the end2end principle: your _data_ is changed
by NAT.

-- 
Leo Bicknell - bicknell () ufp org
Systems Engineer - Internetworking Engineer - CCIE 3440
Read TMBG List - tmbg-list-request () tmbg org, www.tmbg.org
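
The FTP case from the list above, as an added example that is not part of the original post and is not taken from any NAT product: it models a NAT helper rewriting the address inside an FTP PORT command, next to an ordinary router hop that only touches the TTL. The addresses, the port mapping and all function names are constructed for illustration.

```python
import re

# FTP active mode (RFC 959): "PORT h1,h2,h3,h4,p1,p2", port = p1*256 + p2
PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$")

# Constructed sample values (private and documentation address ranges).
INSIDE_IP, OUTSIDE_IP = "10.0.0.5", "192.0.2.10"
PORT_MAP = {5001: 40001}                  # inside port -> translated port
SAMPLE = b"PORT 10,0,0,5,19,137\r\n"      # client announces 10.0.0.5:5001

def parse_port(payload):
    """Return (ip, port) carried in an FTP PORT command, or None."""
    m = PORT_RE.match(payload)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def build_port(ip, port):
    """Serialise (ip, port) back into PORT command bytes."""
    return b"PORT %s,%d,%d\r\n" % (ip.replace(".", ",").encode(),
                                   port >> 8, port & 0xFF)

def alg_rewrite(payload, inside_ip, outside_ip, port_map):
    """Model of a NAT FTP helper acting on one TCP payload.

    Returns (new_payload, length_delta). Anything that is not a PORT
    command for the translated host passes through unchanged, which is
    also what happens when the helper cannot read the control channel.
    """
    parsed = parse_port(payload)
    if parsed is None or parsed[0] != inside_ip:
        return payload, 0
    new = build_port(outside_ip, port_map.get(parsed[1], parsed[1]))
    # A non-zero delta shifts every later byte of the TCP stream, so the
    # translator must also adjust sequence and acknowledgement numbers.
    return new, len(new) - len(payload)

def router_forward(ttl, payload):
    """An ordinary router hop: the header TTL changes, the data does not."""
    return ttl - 1, payload

if __name__ == "__main__":
    print(router_forward(64, SAMPLE))
    print(alg_rewrite(SAMPLE, INSIDE_IP, OUTSIDE_IP, PORT_MAP))
```

Any integrity check computed end to end over the original payload no longer matches after the helper has run, while the router hop leaves it valid.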

