[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

BCP38.info

Subject: BCP38.info
From: robachevsky at isoc.org (Andrei Robachevsky)
Date: Wed, 29 Jan 2014 11:11:00 +0100
In-reply-to: <[email protected]>
References: <[email protected]> <[email protected]>

Jared Mauch wrote on 1/28/14 10:11 PM:
> 192.168.0.1 has a rule that says send UDP/53 packets I process to 172.16.0.1.  Since i'm "outside" it's "NAT", the rule ends up taking the source IP, which isn't part of it's "NAT" set, and ends up copying my "source" IP into the packet, then forwards it to the DNS server.

This is really broken. Do you have any idea as to why such rule is
implemented? I also heard that some CPE implement exactly the same logic
if one spoof src IP inside their NAT. I think that the Spoofer project
discards tests from the inside NAT, but maybe they track such cases?

Andrei

References:
- BCP38.info
  - From: nick at flhsi.com (Nick Olsen)
- BCP38.info
  - From: jared at puck.nether.net (Jared Mauch)

Prev by Date: Fwd: [afnog] Introducing Southern Africa Network Operators Group - SAFNOG
Next by Date: BCP38.info
Previous by thread: BCP38.info
Next by thread: BCP38.info
Index(es):
- Date
- Thread