----- Original Message ----- > From: "Karl Auer" <[email protected]>
> On Sun, 2013-03-31 at 22:32 -0400, Jay Ashworth wrote: > > This thought crossed my mind earlier today, when I asked Jeff if > > IP-forged > > packets would make it through a NAT, outbound. He said no (I think), > > but > > I'm not entirely sure that's right. > > Welll - the packets might make it out, and be transmitted into the > Internet, but they would have a legitimate source address, namely an > outside address of the NAT router. A side effect of NAT is to clamp the > source address range of outbound packets to the configured NAT outside > address range. D'oh. Of course. Hmmm. That says things about the penetration of NAT routers at consumer eyeball connections vs. directly connected PCs that surprise me. Cheers, -- jra -- Jay R. Ashworth Baylink [email protected] Designer The Things I Think RFC 2100 Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII St Petersburg FL USA #natog +1 727 647 1274
