|
| PORTAIL | ANNUAIRE | ARTICLES | COMPARATEUR HÉBERGEURS | DEVIS | FORUMS | RÉDUCTEUR D'URL |
|
|
|
|
||||||
| comp.protocols.tcp-ip TCP and IP network protocols. |
 |
|
|
LinkBack | Outils de la discussion |
25/09/2007, 10h26
|
#1 |
Messages: n/a
Hébergeur: |
ping through NAT
Hi. Assume I have 2 computers in a LAN behind a NAT router. The 2 computers ping to the same remote server at the same time. Because of the NAT, the source IP address of both ping is replaced . Since it is ICMP there is no port address to destinguish between th packets as in regular browser application. How does the NAT router destinguish between the ping replies? Thanks, NAHUM |
|
|
25/09/2007, 16h37
|
#2 |
|
Messages: n/a
Hébergeur: |
Re: ping through NAT
nahum_barnea@yahoo.com writes:
> Hi. > > Assume I have 2 computers in a LAN behind a NAT router. > The 2 computers ping to the same remote server at the same time. > > Because of the NAT, the source IP address of both ping is replaced . > Since it is ICMP there is no port address to destinguish between th > packets as in regular browser application. > > How does the NAT router destinguish between the ping replies? At a glance, it looks like conntrack_icmp in the Linux kernel uses the Identifier field. See: http://svn.netfilter.org/cgi-bin/vie...39&view=markup http://www.networksorcery.com/enp/pr.../icmp/msg8.htm ----Scott. |
|
|
|
25/09/2007, 19h20
|
#3 |
|
Messages: n/a
Hébergeur: |
Re: ping through NAT
In article <lywsuerc1o.fsf@gfn.org>,
Scott Gifford <sgifford@suspectclass.com> wrote: >nahum_barnea@yahoo.com writes: >> Assume I have 2 computers in a LAN behind a NAT router. >> The 2 computers ping to the same remote server at the same time. >> >> Because of the NAT, the source IP address of both ping is replaced . >> Since it is ICMP there is no port address to destinguish between th >> packets as in regular browser application. >> >> How does the NAT router destinguish between the ping replies? > >At a glance, it looks like conntrack_icmp in the Linux kernel uses the >Identifier field. See: While using the Identifier is probably what the router is doing (its how Cisco routers do it) how were you able to tell that the router in question is running Linux? -- -- Rod -- rodd(at)polylogics(dot)com |
|
|
|
25/09/2007, 20h21
|
#4 |
|
Messages: n/a
Hébergeur: |
Re: ping through NAT
rodd@panix.com (Rod Dorman) writes:
> In article <lywsuerc1o.fsf@gfn.org>, > Scott Gifford <sgifford@suspectclass.com> wrote: >>nahum_barnea@yahoo.com writes: >>> Assume I have 2 computers in a LAN behind a NAT router. >>> The 2 computers ping to the same remote server at the same time. >>> >>> Because of the NAT, the source IP address of both ping is replaced . >>> Since it is ICMP there is no port address to destinguish between th >>> packets as in regular browser application. >>> >>> How does the NAT router destinguish between the ping replies? >> >>At a glance, it looks like conntrack_icmp in the Linux kernel uses the >>Identifier field. See: > > While using the Identifier is probably what the router is doing (its > how Cisco routers do it) how were you able to tell that the router in > question is running Linux? Oh, I have no idea, it's just much easier to find the source to Linux's NAT stack than to cisco's. :-) Of course, finding out how a particular router implements this (and whether the implementation works), will require looking at the router's specs or source code, or doing some experiments. ----Scott. |
|
|
|
| Outils de la discussion | |
|
|
