Re: Fake address for NAT connection support (IPv4)

Mark T.B. Carroll wrote:
My ISP assigns me a public static IP address but for my gateway
machine's WAN connection they give me a static RFC1918 address. They
must do some static transformation of my packets at their end, mapping
between the RFC1918 address and the public address.

So they are doing NAT from the RFC 1918 address to the public address.

This messes up my ability to use connection tracking to support
protocols that cross my gateway's IP masquerading: it's putting the
wrong address into the protocols when it rewrites the content.

Why?

If your traffic is outbound, you put the WAN address into the
outbound packets and into the great world they go. In the
same way, the reply packets get translated by the ISP and you
can re-translate from the WAN RFC 1918 address into your own
internal addresses.

There's a limitation: Your internal network must not use
a RFC 1918 address conflicting with the ISP's address.

The system limits your inbound traffic, so it may be more
difficult to have a server at your connection - and precisely
this may be the base cause of the address translation at
the ISP.

If the ISP's address translation is pretty constant and one-to-one,
a dynamic DNS solution might work (e.g. http://www.dyndns.org/).

Is it possible to have it write the public IP address into them somehow?
I can imagine I can do it if I give its WAN interface the public
address, then have another not-connection-tracking 'outer gateway'
between the gateway and my ISP that does the reverse of the
transformation they do.

But, can I achieve the same effect without needing another machine?

Not that way.

(Or another ISP. (-:)

A suitable bunch of money might make the miracle
with your current ISP also.

--

Tauno Voipio
tauno voipio (at) iki fi

.

Relevant Pages

  • Re: Fake address for NAT connection support (IPv4)
    ... machine's WAN connection they give me a static RFC1918 address. ... must do some static transformation of my packets at their end, ... outbound packets and into the great world they go. ... their translation: ...
    (comp.os.linux.networking)
  • Hook calls between TCP stack and PPP
    ... I just posted a reply on the Windows Developer group ... packets on all interfaces including WAN with PPP. ... want to modify the data portion, the headers, or both? ...
    (microsoft.public.windowsce.platbuilder)
  • Re: IP configuration
    ... The WAN IP is the public IP that is assigned by your ISP. ... router will pick up this IP automatically and it should show in the router ... >> Hi John, ...
    (microsoft.public.windows.server.sbs)
  • Re: E1 connection
    ... >> We are changing ISP ... >> Both WAN and LAN are PUBLIC ... >> Is this Interface is Correct? ...
    (comp.dcom.sys.cisco)
  • Re: E1 connection
    ... > We are changing ISP ... > Both WAN and LAN are PUBLIC ... > Is this Interface is Correct? ...
    (comp.dcom.sys.cisco)