Common operational misconceptions
owen at delong.com
Fri Feb 17 00:41:43 CST 2012
I believe he understands just fine. However, his point (and I agree with him) is that
if you are behind NAT, it isn't full end-to-end functionality, even if it does allow some
degraded form of end-to-end connectivity with significant limitations which are not
present in the absence of NAT.
"I can't use your address" is inherent in the network.
"I can't use whatever port number I want on my side of the connection" is not.
On Feb 16, 2012, at 10:24 PM, Masataka Ohta wrote:
> Valdis.Kletnieks at vt.edu wrote:
>> No, you said specifcially that it can be restored by end system*S*
> Yes, end to end connectivity is restored.
> However, that end to end connectivity is restored does not
> mean your boxes can use 188.8.131.52 nor port 49734.
>> Yes, I can get one box listening. Now tell me how to get
>> the second and third boxes listening on the same port.
> Perhaps, you misunderstand how end systems behind NAT
> must interact with UPnP or something like that to be
> able to restore the end to end connectivity.
> End systems behind UPnP boxes are allocated disjoint
> sets of global port numbers, only among which, end
> systems can use as their global port numbers.
> End systems can obtain information on port numbers
> they can use through UPnP or something like that.
> Thus, there is no port number collision at the global
> side of the UPnP box.
> Similar mechanism is described in draft-ohta-e2e-nat-00.txt
> Masataka Ohta
More information about the NANOG