Re: Fake address for NAT connection support (IPv4)

Tauno Voipio <tauno.voipio@xxxxxxxxxxxxx> writes:

Mark T.B. Carroll wrote:
My ISP assigns me a public static IP address but for my gateway
machine's WAN connection they give me a static RFC1918 address. They
must do some static transformation of my packets at their end, mapping
between the RFC1918 address and the public address.

So they are doing NAT from the RFC 1918 address to the public address.

Yes.

(snip)
If your traffic is outbound, you put the WAN address into the
outbound packets and into the great world they go. In the
same way, the reply packets get translated by the ISP and you
can re-translate from the WAN RFC 1918 address into your own
internal addresses.

Unfortunately, they don't rewrite protocols (e.g., for active FTP) in
their translation: not being protocol-content-aware, their translation
is not transparent. It's the correct rewriting I want (achieved with
some of the CONFIG_IP_NF_* options) but if I do that naively with the
RFC1918 address on my WAN interface it'll be wrong.

There's a limitation: Your internal network must not use
a RFC 1918 address conflicting with the ISP's address.

Indeed it doesn't.

(snip)
If the ISP's address translation is pretty constant and one-to-one,
a dynamic DNS solution might work (e.g. http://www.dyndns.org/).

Yes, it's constant and one-to-one.

(snip)
A suitable bunch of money might make the miracle with your current ISP
also.

True. They seem to be sort of intending to getting around to fixing it
anyway, although I'm not holding my breath.

-- Mark
.

Relevant Pages

  • Re: Fake address for NAT connection support (IPv4)
    ... machine's WAN connection they give me a static RFC1918 address. ... must do some static transformation of my packets at their end, ... outbound packets and into the great world they go. ... the reply packets get translated by the ISP and you ...
    (comp.os.linux.networking)
  • Hook calls between TCP stack and PPP
    ... I just posted a reply on the Windows Developer group ... packets on all interfaces including WAN with PPP. ... want to modify the data portion, the headers, or both? ...
    (microsoft.public.windowsce.platbuilder)
  • Re: Linksys hacking?
    ... is connectionless - there are NO connections to buffer. ... Linksys off-line and UDP flooded it from the physical WAN ... which forces the packets through the ...
    (comp.security.firewalls)