<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: what port number to use?
From: Karl Kleinpaste <karl,AT,charcoal,DOT,com>
Date: Thu, 9 Aug 2001 16:34:41 +0200
In-reply-to: <Pine.SOL.4.10.10108082118500.28873-100000@masto.uku.fi>

Kambiz Aghaiepour <kambiz,AT,redhat,DOT,com> writes:

> Actually, I don't think this would work because cipe is udp
> based. So if the NAT endpoint establishes the connection to the
> non-NAT, the non-NAT will try to respond with UDP traffic destined
> to the NATting firewall, which drops the packet.

I don't know what NAT you're familiar with, but many incantations of
NAT speak UDP just fine, including Linux IP masquerading; the NAT
firewall forwards back to the internal host, having masqueraded the IP
address completely along with shifting the UDP port the internal host
believed was in use.  Dismantlement of the NAT "connection" is based
on a simple lack-of-activity timeout.  One-sided NAT CIPE is perfectly
reasonable.





<< | Thread Index | >> ]    [ << | Date Index | >> ]