----- Original Message -----
From: "Mark Coccimiglio" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Sunday, June 27, 2004 1:12 PM
Subject: Re: Replies on port 1029

> Actually in IP the source port is not of any significance EXCEPT that it
> exists. On servers we *lock* applications to specific ports so that we
> can find specific services AND utilize a server in several roles (web,
> e-mail, radius, etc.). Typically on the client side the system starts
> at port 1029 and rotates upwards with each successive connection using
> the next available port. It really isn't important what port the client
> uses just as long as the server responds back to the same client port.
> Additionally the client computer will skip over ports that are currently
> in use. Usually the OS decides what port to use.

This doesn't say anything about which source port is typically used in case of a radius reply.

>
> Mark C.
>
> Paul Hampson wrote:
>
> >Wha?? No it doesn't.
> >
> >FTP opens a _second_ connection for data, but telnet and HTTP both use the existing TCP
> >connection for data back to the client. And an IP connection is defined by five things:
> >(local address, local port, remote address, remote port, and protocol (TCP)) These things do
> >_not_ change over the life of a connection.
> >
> >Anyway, isn't radius UDP? :-) UDP sockets don't have to care what the remote address
> >and port are, but they still maintain an address and port of their own... And data sent through
> >that socket will come out of that address and port.
> >
> >I expect Alan's right, and there's something in the network translating ports after it leaves
> >FreeRADIUS's socket... local NAT firewall, maybe, that maps the response to an unused port?
> >
> >--
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
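
Added example, not part of the original thread and not FreeRADIUS code: a loopback UDP exchange showing that a reply sent through the listening socket carries that socket's port as its source, while a reply sent through any other socket gets a different, OS-chosen source port. The OS-assigned server port stands in for the RADIUS port, and the rule that the client accepts a reply only from the address and port it sent to is an assumption made for this illustration.

```python
import socket


def reply_source_check(reply_from_listening_socket: bool):
    """Run one UDP request/reply on loopback.

    Returns (server_port, reply_source_port, accepted), where `accepted`
    is True only if the reply came from the address/port the client sent to.
    """
    # Listening socket: stand-in for the RADIUS server port (0 = OS picks a free one).
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("127.0.0.1", 0))
    server.settimeout(2.0)
    server_addr = server.getsockname()

    # Client: never binds explicitly, so the OS assigns its source port on first send.
    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client.settimeout(2.0)
    client.sendto(b"constructed-request", server_addr)

    _, client_addr = server.recvfrom(4096)

    # A second, unbound socket: it gets its own ephemeral port when it first sends.
    other = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sender = server if reply_from_listening_socket else other
    sender.sendto(b"constructed-reply", client_addr)

    # recvfrom() reports the source address and port the reply actually carried.
    _, reply_addr = client.recvfrom(4096)
    accepted = reply_addr == server_addr

    for s in (server, client, other):
        s.close()
    return server_addr[1], reply_addr[1], accepted


if __name__ == "__main__":
    for same_socket in (True, False):
        port, src, ok = reply_source_check(same_socket)
        print(f"same_socket={same_socket} server_port={port} "
              f"reply_src={src} accepted={ok}")
```

If the server demonstrably replies through its listening socket and the client still sees another source port, the rewrite happened on the path between them, which is where a NAT or firewall rule would sit.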

