| To: | Phil Scarratt <fil,AT,draxsen,DOT,com> |
| Subject: | Re: concrete udp forwarding question |
| From: | Daniel Andor <da209,AT,cam,DOT,ac,DOT,uk> |
| Date: | Wed, 25 Jun 2003 13:35:02 +0100 |
| Cc: | cipe-l,AT,inka,DOT,de |
| In-reply-to: | <3EF8FE18.1000007@draxsen.com> |
| References: | <200306231916.11758.da209@cam.ac.uk> <200306241638.32766.da209@cam.ac.uk> <3EF8FE18.1000007@draxsen.com> |
| Reply-to: | Daniel.Andor,AT,physics,DOT,org |
On Wednesday 25 June 2003 2:42 am, Phil Scarratt wrote: > This is one of the functionalities of NAT - it wraps the packet with a > publicly accessible source ip so the destination returns it to the > correct machine on the public network (ie the routerNAT) which then [snip] Thanks, this is good to know. (I had thought this functionality only existed for TCP connections.) > > 2) It seems like I need the "ping" option to keep the NAT router > > forwarding the UDP packets it receives from machineA to machineB. (I have > > no idea what the time-out on the NAT router is, so I set 10 seconds as > > not too wasteful if resources.) > > Not sure why this is the case. Mine worked fine (same configuration) > without the ping. Might have something to do with the routerNAT (mine is > a linux box). My naive guess was that the NAT router was timing out the reverse mapping (since the connection was sitting idle for a while)? That is, when it received a packet to 1114 from machineA, it no longer knew to send it on to machineB. Otherwise, on your linux box, does it keep the mapping indefinitely? (I have no idea what hw/sw the NAT router is using here.) Thanks, Daniel. > > > > Yes, thanks very much. > > Daniel. > > > >>Fil > >> > >>Daniel Andor wrote: > >>>Hi All, > >>> > >>>I can't quite work out how to configure this setup, so I would be very > >>>grateful for some help. > >>> > >>>I have a machineA with a static IP, and a machineB behind a NAT router: > >>> > >>>machineA <--- internet ---> routerNAT <--- internal LAN ---> machineB > >>> > >>>How should I configure this to create a cipe vpn between machineA and B? > >>> > >>>Notes: > >>>I do not have access to routerNAT. > >>>There's another machineC, distinct from the router, which has interfaces > >>>on both the internet *and* the internal LAN. I have access to this to > >>> be able to run userland programs. > >>> > >>>Any help appreciated! > >>>Thanks, > >>>Daniel. > > > > -- > > Message sent by the cipe-l,AT,inka,DOT,de mailing list. > > Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body > > Other commands available with "help" in body to the same address. > > CIPE info and list archive: > > <URL:http://sites.inka.de/~bigred/devel/cipe.html>