nanog mailing list archives
Re: Fwd: 41/8 announcement
From: Joseph S D Yao <jsdy () center osis gov>
Date: Fri, 26 May 2006 13:29:37 -0400
On Fri, May 26, 2006 at 07:44:04AM -0700, william(at)elan.net wrote:
On Fri, 26 May 2006, Bill Woodcock wrote:On Fri, 26 May 2006, Mikisa Richard wrote: > Can't be sure what they did, but I received an e-mail asking me to check > on my connectivity to them and well, it worked. Presumably they're double-natting. I had to do that once for Y2K compliance for three large governmental networks that were all statically addressed in net-10 and wouldn't/couldn't renumber in time. In fact, there were _specific hosts_ which had the same IP address, and _had to talk to each other_. Gross. But it can be done.Please explain how. I simply can't imagine my computer communicating with another one with exactly same ip address - the packet would never leave it. The only way I see to achieve this is to have dns resolver on the fly convert remote addresses from same network into some other network and then NAT from those other addresses.
Here's how with dual proxies. Presumably dual NATs use multiple IPs from different parts of the intermediary network. proxy1----------------+ +-----------------proxy2 |.1 |.1 |.2 |.1 ======= 10.0.0.0/24 ======= x.y.z.0/24 ======= 10.0.0.0/24 |.15 |.15 host server If you are using a good mail reader, the above ASCII art will come through unscathed. If it does not come through unscathed, you are not using a good mail reader. ;-) net1: 10.0.0.0/24 host = 10.0.0.15 proxy1 = 10.0.0.1 net2: x.y.z.0/24 (NOT 10.0.0.0) proxy1 = x.y.z.1 proxy2 = x.y.z.2 net3: 10.0.0.0/24 [it used to belong to the guy down the block but i bought it at a garage sale and had to merge the two networks] proxy2 = 10.0.0.1 server = 10.0.0.15 Host has proxy set to 10.0.0.1. Rather than resolving "server", it sends a Web query for "http://server" to 10.0.0.1. Proxy1 gets it. It has been told that "server" is on the other side of proxy2. Rather than resolving "server", it forwards the Web query for "http://server" to proxy2, at x.y.z.2. Proxy2 breaks this query down, resolves "server" using _local_ DNS to 10.0.0.15. Sends the query to server, receives the response. Passes the response back to proxy1, which passes it back to host. Capisci? -- Joe Yao ----------------------------------------------------------------------- This message is not an official statement of OSIS Center policies.
Current thread:
- Re: 41/8 announcement, (continued)
- Re: 41/8 announcement Gaurab Raj Upadhaya (May 24)
- Re: 41/8 announcement Suresh Ramasubramanian (May 24)
- Message not available
- Fwd: 41/8 announcement Richard Mikisa (May 24)
- Re: Fwd: 41/8 announcement bmanning (May 24)
- Re: Fwd: 41/8 announcement Richard Mikisa (May 24)
- Re: Fwd: 41/8 announcement william(at)elan.net (May 25)
- Re: Fwd: 41/8 announcement Mikisa Richard (May 25)
- Re: Fwd: 41/8 announcement Bill Woodcock (May 26)
- Re: Fwd: 41/8 announcement william(at)elan.net (May 26)
- Re: Fwd: 41/8 announcement Bill Woodcock (May 26)
- Re: Fwd: 41/8 announcement Joseph S D Yao (May 26)
- Re: Fwd: 41/8 announcement Stephen Sprunk (May 26)
- Re: Fwd: 41/8 announcement Peter Corlett (May 30)
- Re: Fwd: 41/8 announcement Valdis . Kletnieks (May 30)
- Re: 41/8 announcement Gaurab Raj Upadhaya (May 24)
- Re: Fwd: 41/8 announcement steve (May 26)
- Re: 41/8 announcement Patrick W. Gilmore (May 24)
- Re: Fwd: 41/8 announcement Jon Lewis (May 27)