[104964] in North American Network Operators' Group
RE: Types of packet modifications allowed for networks
daemon@ATHENA.MIT.EDU (Darden, Patrick S.)
Mon Jun 2 08:21:52 2008
Date: Mon, 2 Jun 2008 08:21:20 -0400
In-Reply-To: <4841CA4C.5020708@vaxination.ca>
From: "Darden, Patrick S." <darden@armc.org>
To: =?iso-8859-1?Q?Jean-Fran=E7ois_Mezei?= <jfmezei@vaxination.ca>,
<nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I'm not aware of any hard rules regarding this. I'll include yours =
below:
--packet fragmentation due to inconsistent MTUs and/or bandwidth (e.g. =
moving from ATM at 150Mbps to a fractional DS3 at 3.088Mbps)
--ttl changes from hop to hop
--dest ip changes from hop to hop
--PAT/NAT changes in last network borders (e.g. routing traffic to =
appropriate endpoints (servers) or starting points (workstations))
--PAT/NAT changes in "last" host (e.g. it hits ext ip port 4443, gets =
changed to newip:443 and forwarded on)
--firewall changes in buffer/mother network (e.g. protective network or =
DMZ)--these could be almost anything, most frequent would be morons who =
completely block ICMP--you should probably count anti-spam and =
anti-virus (layer 4 but affects layer 3 dramatically) but these are =
usually advertised features subscribed to by the customers (as opposed =
to secret "features" that only come out due to customer outrage)
--header checksum changes after contents changes (e.g. dip at a router)
Meh, not sure I was helpful.
--p
