Common operational misconceptions

Owen DeLong owen at delong.com
Fri Feb 17 00:41:43 CST 2012


I believe he understands just fine. However, his point (and I agree with him) is that
if you are behind NAT, it isn't full end-to-end functionality, even if it does allow some
degraded form of end-to-end connectivity with significant limitations which are not
present in the absence of NAT.

"I can't use your address" is inherent in the network.
"I can't use whatever port number I want on my side of the connection" is not.

Owen

On Feb 16, 2012, at 10:24 PM, Masataka Ohta wrote:

> Valdis.Kletnieks at vt.edu wrote:
> 
>> No, you said specifically that it can be restored by end system*S*
>> plural.
> 
> Yes, end to end connectivity is restored.
> 
> However, that end to end connectivity is restored does not
> mean your boxes can use 131.112.32.132 nor port 49734.
> 
>> Yes, I can get one box listening.  Now tell me how to get
>> the second and third boxes listening on the same port.
> 
> Perhaps, you misunderstand how end systems behind NAT
> must interact with UPnP or something like that to be
> able to restore the end to end connectivity.
> 
> End systems behind UPnP boxes are allocated disjoint
> sets of global port numbers, only among which, end
> systems can use as their global port numbers.
> 
> End systems can obtain information on port numbers
> they can use through UPnP or something like that.
> 
> Thus, there is no port number collision at the global
> side of the UPnP box.
> 
> Similar mechanism is described in draft-ohta-e2e-nat-00.txt
> 
> 						Masataka Ohta
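
An added illustration, not part of either message or of draft-ohta-e2e-nat-00.txt: a toy Python model of a NAT that leases disjoint blocks of global ports to inside hosts. It shows each host regaining inbound reachability while a given global port (49734 here) stays usable by only one of them. The class name, block size, port range and inside addresses are assumptions made for the example.

```python
# Toy model (added example): a NAT that leases each inside host its own
# block of global ports. All names and sizes here are assumptions.

class PortBlockNat:
    def __init__(self, public_ip, first_port=49152, last_port=65535, block_size=1024):
        self.public_ip = public_ip
        # Carve the global port space into non-overlapping blocks.
        self.free_blocks = [range(p, p + block_size)
                            for p in range(first_port, last_port - block_size + 2, block_size)]
        self.leases = {}     # inside host -> range of global ports it may use
        self.listeners = {}  # global port -> inside host listening on it

    def lease_block(self, host):
        """Return the host's block, as it would learn it via UPnP or similar."""
        if host not in self.leases:
            if not self.free_blocks:
                raise RuntimeError("global port space exhausted")
            self.leases[host] = self.free_blocks.pop(0)
        return self.leases[host]

    def listen(self, host, global_port):
        """Accept a listener only on a port inside the host's own block."""
        if global_port not in self.lease_block(host):
            return False
        self.listeners[global_port] = host
        return True

    def inbound(self, global_port):
        """Which inside host receives traffic sent to public_ip:global_port?"""
        return self.listeners.get(global_port)


def demo():
    nat = PortBlockNat("131.112.32.132")          # address quoted in the thread
    a, b, c = "192.168.0.10", "192.168.0.11", "192.168.0.12"  # constructed hosts
    blocks = [nat.lease_block(h) for h in (a, b, c)]
    return {
        "disjoint": all(set(x).isdisjoint(y)
                        for i, x in enumerate(blocks) for y in blocks[i + 1:]),
        "a_gets_49734": nat.listen(a, 49734),     # port quoted in the thread
        "b_gets_49734": nat.listen(b, 49734),     # refused: outside b's block
        "b_gets_own": nat.listen(b, blocks[1][0]),
        "owner_49734": nat.inbound(49734),
        "owner_b_port": nat.inbound(blocks[1][0]),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```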



