[162009] in North American Network Operators' Group
Re: BCP38 tester?
daemon@ATHENA.MIT.EDU (Karl Auer)
Mon Apr 1 00:55:09 2013
From: Karl Auer <kauer@biplane.com.au>
To: nanog@nanog.org
Date: Mon, 01 Apr 2013 15:54:51 +1100
In-Reply-To: <20130401040755.3032931B72A5@drugs.dv.isc.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, 2013-04-01 at 15:07 +1100, Mark Andrews wrote:
> In message <1364787851.2136.7.camel@karl>, Karl Auer writes:
> > A side effect of NAT is to clamp the source address range
> > of outbound packets to the configured NAT outside address
> > range.
> It depends on how the nat is configured.
OK - how does one configure NAT so that the source addresses of outbound
packets are NOT clamped to a configured range on the outside of the NAT
device? Given this general scenario, of course:
Inside Outside
Nasty spoofing scum ----> NAT ---> helpless victims
Outbound --->
Honest question - just 'because I don't see it doesn't mean it isn't
possible :-) My NAT configs have generally been pretty plain vanilla.
Regards, K.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer@biplane.com.au)
http://www.biplane.com.au/kauer
http://twitter.com/kauer389
GPG fingerprint: B862 FB15 FE96 4961 BC62 1A40 6239 1208 9865 5F9A
Old fingerprint: AE1D 4868 6420 AD9A A698 5251 1699 7B78 4EEE 6017
