The firewall is "keeping track" of the connections via its kernel-level NAT
code. You could probably look at the RFC for NAT (1918 I think?) and do a
search on NAT at cisco.com (they actually have a LOT of educational material
on their site).
Carric Dooley
Network Security Consultant
"I have often regretted my speech, never my silence."
- Xenocrates (396-314 B.C.)
----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, June 08, 2000 7:55 PM
Subject: Packet basics
> I am (trying) to configure IP masquerading for a firewall.
>
> I don't understand how the following occurs.
>
> Trying to set up a firewall with 2 NICs:
> 1, an external NIC with a valid internet address of ZZZ.Z.Z.201
> 2, an internal NIC with a private LAN number of 192.68.x.11
>
> Behind the firewall are 5 workstations with private LAN numbers of
> 192.68.1.101-105.
>
> What happens for the following circumstance:
> all 5 workstations send 2 independent web requests to yahoo.com?
>
> As far as I can reason, each workstation is seen by the internet as
> zzz.z.z.201.
> This is the IP masquerading at work.
> So yahoo receives 10 requests from .201 and responds to all of them.
>
> Yahoo.com's webserver responds to .201 with 10 responses, all destined for
> the .201 address.
> Somehow the firewall must be able to determine not only which machine to
> send it to, but which session.
>
> How does the masquerading firewall machine know
> which response goes to which MAC address/IP address combination,
> and not only which machine, but which session per machine?
>
> Can anyone help me to understand what goes on in this situation,
> or point me to a beginners' URL that will explain this to me.
>
> Thanks in advance.
> RW
>
> -
> [To unsubscribe, send mail to [EMAIL PROTECTED] with
> "unsubscribe firewalls" in the body of the message.]
>
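As an added illustration of the session tracking the reply points to (this is example code, not something from the list posting or from any real firewall), the following toy masquerading NAT rewrites each outbound connection to the public address with a fresh source port and records the mapping, so the ten replies from the web server in the quoted scenario can be handed back to the right workstation and the right session. The public address 203.0.113.201, the web server 198.51.100.10 and the port range starting at 61000 are constructed stand-ins.

```python
# Added illustration of NAT connection tracking; not code from the list posting
# or from any firewall. Public IP, server IP and the port range are constructed.
from dataclasses import dataclass, field

@dataclass
class MasqueradingFirewall:
    """Toy many-to-one NAT: rewrites source IP:port on the way out and keeps a
    table so replies can be demultiplexed by the port they come back to."""
    public_ip: str
    next_port: int = 61000  # constructed: first port of the masquerade range
    # public port -> (internal ip, internal port, remote ip, remote port)
    table: dict = field(default_factory=dict)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate an outbound packet. Each new 4-tuple gets its own public
        port, so two sessions (same host or different hosts) never collide."""
        key = (src_ip, src_port, dst_ip, dst_port)
        for port, entry in self.table.items():
            if entry == key:  # existing session: reuse its mapping
                return (self.public_ip, port, dst_ip, dst_port)
        port = self.next_port
        self.next_port += 1
        self.table[port] = key
        return (self.public_ip, port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Map a reply back to (internal ip, internal port), or return None when
        no inside host opened that session: unsolicited packets are dropped."""
        entry = self.table.get(dst_port)
        if dst_ip != self.public_ip or entry is None:
            return None
        in_ip, in_port, remote_ip, remote_port = entry
        if (src_ip, src_port) != (remote_ip, remote_port):
            return None  # reply from a peer that does not own this slot
        return (in_ip, in_port)

def demo():
    fw = MasqueradingFirewall("203.0.113.201")  # stand-in for ZZZ.Z.Z.201
    web = ("198.51.100.10", 80)                 # stand-in for yahoo.com:80
    # Five workstations 192.68.1.101-105 as in the question, two requests each.
    sessions = [(f"192.68.1.{h}", p) for h in range(101, 106) for p in (1025, 1026)]
    translated = [fw.outbound(ip, p, *web) for ip, p in sessions]
    # The web server sees ten distinct source ports on one address and replies
    # to each; the firewall uses the destination port to pick host and session.
    replies = [fw.inbound(web[0], web[1], pub_ip, pub_port)
               for pub_ip, pub_port, _, _ in translated]
    return sessions, translated, replies
```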