October 28th, 2002
Paranoid
Guest

Quote:
Originally posted by Julie Z


Well then, I guess I'm "joe thirtypack". I have a cheapo NAT, assuming you mean my cable modem. Or is it a router? (Which I don't have.) Regardless, in what way are you saying it's improperly configured? I appreciate any enlightenment I can get around here. If you mean that I incorrectly state on LW that I am a T3 or higher, then you are right. (Let the flames begin! After you read my reason, please.)

Ahh, let me enumerate.

I am not talking about a cable modem. A real cable modem is just a media bridging device. I am talking about the so-called "routers" that people use to share their connections or use as a rudimentary firewall.
Almost every single device that falls into this class is not really a true router as they are labeled, but uses a routing protocol called NAT, or network address translation, to simply share an external IP among several internal IPs.

To this end a NAT takes the place of the standard end node attached to the actual network (internet). It must have at least two interfaces. The clients are then configured (typically by dynamic host configuration protocol and conforming to RFC standards of private IP address ranges, usually a 192.168.x.y/24) so that the NAT's internal interface is their gateway and DNS server. When they need to go to the outside world they talk to the NAT.
Now unlike a router a NAT takes the original request and strips off all the information that identifies the original requesting internal host and substitutes itself as the original requestor, effectively plagiarizing the request. It also keeps track of the session so that any responses can be directed back to the true source node correctly. This effectively makes a one way connection. An internal client can get out, but since the NAT is not actually the real client no independent inbound connections can ever come in because the NAT doesn't have an idea who to send them to. This is one of the ideas behind a "stateful" connection.

So a NAT is much more secure than a router, but turns you into a total leech if you are using P2P software UNLESS you do more than just take it out of the box and turn it on.

To not be a leech, you need to configure the NAT correctly.

One mechanism that IP uses to differentiate different types of traffic and identify service type requests is a packet level component we call port number. There are 1024 "well known" port numbers and a total of 65,536 usable numbers. These port numbers are by no means set in stone when it comes to actual usage, but they provide us with a set of standards that can be applied to govern and identify traffic. For example HTTP typically uses port 80; FTP, 21; SMTP, 25; and this particular service uses 6346.

To not be a leech we have to therefore map port 6346 on the NAT device to whatever the internal IP we are using is. This will let independent connections only on this port in to the correct system. You could also map IPs but this is really unsecure and I could never recommend it.


Getting back to you specifically Julie, I could care less about misreporting the speed of your connection, so sorry no flame on that, and it sounds like you are not a leech. I don't use a mac, but my gut feeling is that maybe OSX based in Linux might solve your stability issues; I have none with XP or Win2K. Of course I don't expect you to really upgrade your OS because of an issue with P2P networking, and my original post was not wholly intended to be taken literally. Jeez I shouldn't even have to say that!

Anyways

thank you for an intelligent response

Paranoid
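Added example, not part of the post above: a toy model in Python of the session tracking and single-port mapping the post describes, showing that an unsolicited inbound connection to port 6346 is dropped until that one port is mapped to an internal host. The `Nat` class, its method names, and every address and port other than 6346 are constructed for illustration.

```python
# Added illustration (not from the original post): a toy port-translating NAT.
# All addresses, the class and its methods are constructed; only 6346 is from the post.
from dataclasses import dataclass, field


@dataclass
class Nat:
    external_ip: str
    next_port: int = 40000
    sessions: dict = field(default_factory=dict)  # (ext_port, remote) -> internal (ip, port)
    forwards: dict = field(default_factory=dict)  # ext_port -> internal (ip, port)

    def outbound(self, src, dst):
        """Internal host opens a connection: rewrite the source, remember the session."""
        ext_port = self.next_port
        self.next_port += 1
        self.sessions[(ext_port, dst)] = src
        return (self.external_ip, ext_port), dst

    def forward(self, ext_port, int_ip, int_port=None):
        """Static mapping of one external port to one internal host."""
        self.forwards[ext_port] = (int_ip, int_port or ext_port)

    def inbound(self, src, dst_port):
        """Packet arrives on the external side; return the internal target or None."""
        if (dst_port, src) in self.sessions:   # reply belonging to a tracked session
            return self.sessions[(dst_port, src)]
        if dst_port in self.forwards:          # explicitly mapped port
            return self.forwards[dst_port]
        return None                            # unsolicited: no known owner, dropped


def demo():
    nat = Nat("203.0.113.10")
    client = ("192.168.1.20", 51000)           # internal P2P client
    peer = ("198.51.100.7", 6346)              # remote host the client connects to
    stranger = ("198.51.100.99", 33000)        # remote host connecting in unasked
    out = {}
    out["rewritten_src"], _ = nat.outbound(client, peer)
    out["reply"] = nat.inbound(peer, out["rewritten_src"][1])
    out["unsolicited_before"] = nat.inbound(stranger, 6346)
    nat.forward(6346, "192.168.1.20")          # map only the P2P port
    out["unsolicited_after"] = nat.inbound(stranger, 6346)
    out["other_port"] = nat.inbound(stranger, 8080)
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Ports without a mapping (8080 in the sample) still have no internal owner after 6346 is mapped, so the exposure stays limited to the one forwarded service.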