Firewall Wizards mailing list archives

Strange NAT entries on the PIX

From: user <nguyen () evergreen edu>
Date: Mon, 07 Apr 2003 16:00:24 -0700

Sorry about the HTML mail attempt.  They won't let me turn off automatic
HTML on our server.  I think this client will avoid the problem.


While researching a NAT pool exhaustion problem, I came across a number
of strange NAT pairs.  Essentially, addresses in the global pool are
turning up on the local side, mapped to a different address in the
outside pool.

They are usually paired to the next address in sequence, but there are a
few exceptions.

Examples:

Global x.x.25.180  Local x.x.25.179
Global x.x.25.181  Local x.x.25.180
Global x.x.25.182  Local x.x.25.181

etc. for a block of 10-20 addresses.

I'm trying to get my head around what kind of protocol might be
generating this pattern.  I suspect it's a peer-peer file transfer
pattern, since it seems to be primarily in our dorms network.

Any clues would be appreciated.

Joe Pollock
Network Services
The Evergreen State College
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Strange NAT entries on the PIX user (Apr 08)
- Re: Strange NAT entries on the PIX Lisa Napier (Apr 08)
- Re: Strange NAT entries on the PIX Dave Rinker (Apr 08)