Hello!

And there are some issues with several protocols, as Marc points out. In
FTP, for example, possibly the new packet will be larger than the original one.
(IP Addresses are codified in the data payload as text). So, it's possible
the router has to fragment the packet. And that's not a simple header
rewrite.

Francisco Sedano
Informatica Pronet.




                                                                                       
                                        
"Marc Thach Xuan Ky"
Sent by: [EMAIL PROTECTED]
10/01/2003 12:08
Please reply to "Marc Thach Xuan Ky"
cc:
Subject: Re: NAT [7:60784]




Dwayne,
it's most likely that any NAT implementation would overwrite the header
data that it wishes to change, rather than rewrite the header in its
entirety.  Of course the end result would look the same when you view
the packet, however you can recalculate the checksum from the old and
new IP addresses without reading the entire packet, so that's a gain for
not using the full header creation code.
Note though that some protocols which don't pass well through NAT are
handled by an ALG (Application Level Gateway), and these modules will
rewrite the IP data.  Now if I were coding an ALG I'd certainly create
the entire header from scratch, and I might need to do the same with the
data.  Think of an FTP ALG for example.  Here the length of the data may
be changed, in particular it may grow.  The buffer that is currently
allocated for the packet may not have room to grow, so in that case,
you'd need to copy the data into a larger buffer probably as you parse
and alter the data.
rgds
Marc


Dwayne Saunders wrote:
>
> Hi all,
>         Was just wondering if anyone could put me on to a good link in
> regards to NAT and packet headers, simply what I am trying to find out is the
> packet header totally rewritten or just the ip address part of the header and
> checksum, Or is a new header written to envelop the original header.
>
> Or does each application do it differently.
>
> Any help would be great.
>
> Regards
>
> D'Wayne Saunders




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=60803&t=60784
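
Marc's point about recalculating the checksum from the old and new IP addresses, as an added example that is not code from this thread: it applies the incremental update of RFC 1624 to a constructed 20-byte IPv4 header and compares the result with a full recompute. The function names and the sample addresses are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Full Internet checksum (RFC 1071) over an even-length header. */
static uint16_t csum_full(const uint8_t *p, size_t len) {
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)(p[i] << 8 | p[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Incremental update, RFC 1624 eqn. 3: HC' = ~(~HC + ~m + m'),
 * applied to both 16-bit halves of the changed 32-bit address. */
static uint16_t csum_update32(uint16_t hc, uint32_t old_ip, uint32_t new_ip) {
    uint32_t sum = (uint16_t)~hc;
    sum += (uint16_t)~(old_ip >> 16);
    sum += (uint16_t)~(old_ip & 0xffff);
    sum += (new_ip >> 16) + (new_ip & 0xffff);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* NAT-style rewrite: overwrite the source address (bytes 12..15) in place
 * and patch the checksum (bytes 10..11) without reading the other fields. */
static void nat_rewrite_src(uint8_t *hdr, uint32_t new_ip) {
    uint32_t old_ip = (uint32_t)hdr[12] << 24 | (uint32_t)hdr[13] << 16 |
                      (uint32_t)hdr[14] << 8 | hdr[15];
    uint16_t nc = csum_update32((uint16_t)(hdr[10] << 8 | hdr[11]), old_ip, new_ip);
    for (int i = 0; i < 4; i++)
        hdr[12 + i] = (uint8_t)(new_ip >> (24 - 8 * i));
    hdr[10] = (uint8_t)(nc >> 8);
    hdr[11] = (uint8_t)nc;
}

/* Constructed sample header: 192.168.1.10 -> 198.51.100.7, source translated
 * to 203.0.113.5. Returns 1 when the patched checksum equals a full recompute. */
int incremental_matches_full(void) {
    uint8_t hdr[20] = {0x45, 0x00, 0x00, 0x3c, 0x1c, 0x46, 0x40, 0x00, 0x40, 0x06,
                       0x00, 0x00, 192, 168, 1, 10, 198, 51, 100, 7};
    uint16_t c = csum_full(hdr, sizeof hdr);
    hdr[10] = (uint8_t)(c >> 8);
    hdr[11] = (uint8_t)c;
    nat_rewrite_src(hdr, 0xCB007105u); /* 203.0.113.5 */
    uint16_t patched = (uint16_t)(hdr[10] << 8 | hdr[11]);
    hdr[10] = hdr[11] = 0;
    return patched == csum_full(hdr, sizeof hdr);
}
int main(void) { return incremental_matches_full() ? 0 : 1; }
```

This shortcut covers only fixed-size header fields; an ALG that changes the payload length, as in the FTP case discussed above, also has to update the total-length field and the transport checksum.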