nanog mailing list archives

Re: NAT devices not translating privileged ports

From: Fernando Gont via NANOG <nanog () nanog org>
Date: Thu, 10 Jun 2021 09:32:14 +0000

Hi, Jean,

On Fri, 2021-06-04 at 08:36 -0400, Jean St-Laurent wrote:

I believe all devices will translate a privileged ports, but it won't
translate to the same number on the other side. It will translate to
an unprivileged port. Is it what you meant or really there are some
devices that will not translate at all a privileged port?


What has been reported to us is that some boxes do not translate the
src port if it's a privileged port.

IN such scenarios, NTP implementations that always use src port=123,
dst port=123 might be in trouble if there are multiple NTP clients
behind the same NAT device....

Thanks!

Regards,
--
Fernando Gont
Director of Information Security
EdgeUno, Inc.
PGP Fingerprint: DFBD 63E3 B248 AE79 C598 AF23 EBAE DA03 0644 1531

Current thread:

NAT devices not translating privileged ports Fernando Gont (Jun 04)
- RE: NAT devices not translating privileged ports Jean St-Laurent via NANOG (Jun 04)
  - Re: NAT devices not translating privileged ports Blake Hudson (Jun 04)
    - Re: NAT devices not translating privileged ports Alvaro Pereira (Jun 07)
    - Re: NAT devices not translating privileged ports Fernando Gont via NANOG (Jun 10)
    - Re: NAT devices not translating privileged ports Blake Hudson (Jun 10)
  - Re: NAT devices not translating privileged ports Fernando Gont via NANOG (Jun 10)
    - Re: NAT devices not translating privileged ports Bjørn Mork (Jun 10)
    - Re: NAT devices not translating privileged ports Fernando Gont via NANOG (Jun 10)
    - RE: NAT devices not translating privileged ports Jean St-Laurent via NANOG (Jun 10)
    - Re: NAT devices not translating privileged ports Fernando Gont via NANOG (Jun 10)
    - RE: NAT devices not translating privileged ports Jean St-Laurent via NANOG (Jun 10)
    - Re: NAT devices not translating privileged ports Fernando Gont via NANOG (Jun 10)