
Discussion Communities: Merit Network Email List Archives

North American Network Operators Group


Re: SlashDot: "Comcast Gunning for NAT Users"

  • From: Keith Woodworth
  • Date: Thu Jan 31 17:05:47 2002



On Thu, 31 Jan 2002, David Charlap wrote:

|+
|+Keith Woodworth wrote:
|+> 
|+> From a technical standpoint how does one detect NAT users over the
|+> network?
|+
|+You can't deterministically do so, but there are some telltale signs. 
|+NAT implementations (at least the ones I've seen) tend to choose very
|+large port numbers (above 30,000) for the ports that they generate.

That was my understanding.

|+Anybody who tries to detect NAT through these kinds of heuristic methods
|+will end up with a lot of false positives and false negatives.  And if
|+it becomes a problem, the NAT implementors will simply alter their code
|+to make it impossible to distinguish from a single host's traffic.

That's sort of what I thought. I've looked at some tcpdumps that are coming
from a FreeBSD machine doing NAT a while ago to see what was in the
packets exactly and I could not see how you could tell that box was doing
NAT really. But I'm not completely proficient in deciphering packets so I
may have missed something along the way.

Keith
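
The high-source-port heuristic discussed in this thread, applied to a few tcpdump-style lines, as an added example that is not part of the original message. The addresses, ports, ground-truth labels, the 0.8 fraction and the function names are constructed for illustration; only the 30,000 threshold comes from the thread.

```python
import re
from collections import defaultdict

# Constructed tcpdump-style lines (documentation addresses, not real traffic).
SAMPLE = """\
17:05:01.000001 IP 192.0.2.10.61022 > 198.51.100.5.80: Flags [S]
17:05:01.100001 IP 192.0.2.10.61023 > 198.51.100.6.80: Flags [S]
17:05:01.200001 IP 192.0.2.10.61024 > 198.51.100.7.443: Flags [S]
17:05:02.000001 IP 192.0.2.20.32771 > 198.51.100.5.80: Flags [S]
17:05:02.100001 IP 192.0.2.20.32772 > 198.51.100.8.25: Flags [S]
17:05:03.000001 IP 192.0.2.30.1025 > 198.51.100.5.80: Flags [S]
17:05:03.100001 IP 192.0.2.30.1026 > 198.51.100.9.80: Flags [S]
17:05:03.200001 IP 192.0.2.30.1027 > 198.51.100.9.443: Flags [S]
"""

# Assumed ground truth for the constructed sample, used to score the heuristic.
TRUTH = {"192.0.2.10": True,   # NAT box that rewrites to high ports
         "192.0.2.20": False,  # single host with a high ephemeral port range
         "192.0.2.30": True}   # NAT box that keeps the clients' low ports

LINE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.(\d+) > ")

def source_ports(text):
    """Group observed source ports by source address."""
    ports = defaultdict(list)
    for line in text.splitlines():
        m = LINE.search(line)
        if m:
            ports[m.group(1)].append(int(m.group(2)))
    return ports

def flag_nat(text, threshold=30000, min_fraction=0.8):
    """Flag an address when most of its source ports exceed the threshold."""
    flagged = {}
    for ip, plist in source_ports(text).items():
        high = sum(p > threshold for p in plist)
        flagged[ip] = high / len(plist) >= min_fraction
    return flagged

def score(flagged, truth):
    """Return (false positives, false negatives) against the ground truth."""
    fp = sorted(ip for ip, f in flagged.items() if f and not truth[ip])
    fn = sorted(ip for ip, f in flagged.items() if not f and truth[ip])
    return fp, fn

if __name__ == "__main__":
    result = flag_nat(SAMPLE)
    print(result, score(result, TRUTH))
```

On this sample the heuristic flags the single host and misses the port-preserving NAT, which is the false-positive and false-negative problem described in the quoted reply.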




