nanog mailing list archives

Re: Fwd: 41/8 announcement


From: Joseph S D Yao <jsdy () center osis gov>
Date: Fri, 26 May 2006 13:29:37 -0400


On Fri, May 26, 2006 at 07:44:04AM -0700, william(at)elan.net wrote:
> On Fri, 26 May 2006, Bill Woodcock wrote:
> >     On Fri, 26 May 2006, Mikisa Richard wrote:
> >   > Can't be sure what they did, but I received an e-mail asking me to check
> >   > on my connectivity to them and well, it worked.
> >
> > Presumably they're double-natting.  I had to do that once for Y2K
> > compliance for three large governmental networks that were all statically
> > addressed in net-10 and wouldn't/couldn't renumber in time.  In fact,
> > there were _specific hosts_ which had the same IP address, and _had to
> > talk to each other_.  Gross.  But it can be done.
>
> Please explain how. I simply can't imagine my computer communicating
> with another one with exactly the same IP address - the packet would never
> leave it. The only way I see to achieve this is to have a DNS resolver
> on the fly convert remote addresses from the same network into some other
> network and then NAT from those other addresses.

Here's how with dual proxies.  Presumably dual NATs use multiple IPs
from different parts of the intermediary network.

 proxy1----------------+   +-----------------proxy2
   |.1                 |.1 |.2                 |.1
======= 10.0.0.0/24    ======= x.y.z.0/24   ======= 10.0.0.0/24
   |.15                                        |.15
  host                                       server

If you are using a good mail reader, the above ASCII art will come
through unscathed.  If it does not come through unscathed, you are not
using a good mail reader.  ;-)

net1: 10.0.0.0/24
        host = 10.0.0.15
        proxy1 = 10.0.0.1

net2: x.y.z.0/24 (NOT 10.0.0.0)
        proxy1 = x.y.z.1
        proxy2 = x.y.z.2

net3: 10.0.0.0/24 [it used to belong to the guy down the block but I
                   bought it at a garage sale and had to merge the two
                   networks]
        proxy2 = 10.0.0.1
        server = 10.0.0.15

Host has proxy set to 10.0.0.1.  Rather than resolving "server", it
sends a Web query for "http://server" to 10.0.0.1.  Proxy1 gets it.  It
has been told that "server" is on the other side of proxy2.  Rather than
resolving "server", it forwards the Web query for "http://server" to
proxy2, at x.y.z.2.  Proxy2 breaks this query down, resolves "server"
using _local_ DNS to 10.0.0.15.  Sends the query to server, receives the
response.  Passes the response back to proxy1, which passes it back to
host.

Capisci?

-- 
Joe Yao
-----------------------------------------------------------------------
   This message is not an official statement of OSIS Center policies.
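
Added example, not part of the original message: a small Python model of the dual-proxy chain described above, in which only the name "server" crosses the chain and each address is looked up on one network only. The class and function names are assumptions for illustration, and the x.y.z addresses are kept as the placeholder strings used in the message. The server's log shows that it sees only proxy2's address, so the originating host is recoverable only from the Via-style chain the proxies append.

```python
class Network:
    """One segment: an address is only meaningful inside it."""
    def __init__(self, name, dns=None):
        self.name = name
        self.dns = dns or {}      # name -> address, valid on this network only
        self.nodes = {}           # address -> attached node

    def send(self, src_ip, dst_ip, request):
        return self.nodes[dst_ip].handle(self, src_ip, request)


class Server:
    def __init__(self):
        self.log = []             # (network, source address, Via chain)

    def handle(self, net, src_ip, request):
        self.log.append((net.name, src_ip, tuple(request["via"])))
        return "200 OK from " + request["host"]


class Proxy:
    """Forwards by name; resolves only if it has no upstream proxy."""
    def __init__(self, name, out_net, out_ip, upstream_ip=None):
        self.name, self.out_net = name, out_net
        self.out_ip, self.upstream_ip = out_ip, upstream_ip

    def handle(self, net, src_ip, request):
        request = dict(request, via=request["via"] + [self.name])
        # proxy1 hands the unresolved name to proxy2; proxy2 asks its local DNS.
        dst = self.upstream_ip or self.out_net.dns[request["host"]]
        return self.out_net.send(self.out_ip, dst, request)


def build_and_query():
    net1 = Network("net1")                               # 10.0.0.0/24
    net2 = Network("net2")                               # x.y.z.0/24 (transit)
    net3 = Network("net3", dns={"server": "10.0.0.15"})  # 10.0.0.0/24 again
    server = Server()
    proxy1 = Proxy("proxy1", net2, "x.y.z.1", upstream_ip="x.y.z.2")
    proxy2 = Proxy("proxy2", net3, "10.0.0.1")
    net1.nodes["10.0.0.1"] = proxy1
    net2.nodes["x.y.z.2"] = proxy2
    net3.nodes["10.0.0.15"] = server
    # host (10.0.0.15 on net1) sends the request to its configured proxy.
    reply = net1.send("10.0.0.15", "10.0.0.1", {"host": "server", "via": []})
    return reply, server.log


if __name__ == "__main__":
    print(build_and_query())
```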

