Fwd: 41/8 announcement

Joseph S D Yao jsdy at center.osis.gov
Fri May 26 17:29:37 UTC 2006

On Fri, May 26, 2006 at 07:44:04AM -0700, william(at)elan.net wrote:
> On Fri, 26 May 2006, Bill Woodcock wrote:
> >     On Fri, 26 May 2006, Mikisa Richard wrote:
> >   > Can't be sure what they did, but I received an e-mail asking me to 
> >   check
> >   > on my connectivity to them and well, it worked.
> >
> >Presumably they're double-natting.  I had to do that once for Y2K
> >compliance for three large governmental networks that were all statically
> >addressed in net-10 and wouldn't/couldn't renumber in time.  In fact,
> >there were _specific hosts_ which had the same IP address, and _had to
> >talk to each other_.  Gross.  But it can be done.
> Please explain how. I simply can't imagine my computer communicating
> with another one with exactly same ip address - the packet would never
> leave it. The only way I see to achieve this is to have dns resolver
> on the fly convert remote addresses from same network into some other
> network and then NAT from those other addresses.

Here's how with dual proxies.  Presumably dual NATs use multiple IPs
from different parts of the intermediary network.

 proxy1----------------+   +-----------------proxy2
   |.1                 |.1 |.2                 |.1
=======    ======= x.y.z.0/24   =======
   |.15                                        |.15
  host                                       server

If you are using a good mail reader, the above ASCII art will come
through unscathed.  If it does not come through unscathed, you are not
using a good mail reader.  ;-)

	host =
	proxy1 =

net2: x.y.z.0/24 (NOT
	proxy1 = x.y.z.1
	proxy2 = x.y.z.2

net3: [it used to belong to the guy down the block but i
		   bought it at a garage sale and had to merge the two
	proxy2 =
	server =

Host has proxy set to  Rather than resolving "server", it
sends a Web query for "http://server" to  Proxy1 gets it.  It
has been told that "server" is on the other side of proxy2.  Rather than
resolving "server", it forwards the Web query for "http://server" to
proxy2, at x.y.z.2.  Proxy2 breaks this query down, resolves "server"
using _local_ DNS to  Sends the query to server, receives the
response.  Passes the response back to proxy1, which passes it back to


Joe Yao
   This message is not an official statement of OSIS Center policies.

More information about the NANOG mailing list