keeping UDP "session" alive when using NAT

Nathan Stratton Treadway nathanst at ontko.com
Tue Oct 23 23:50:48 CEST 2012


On Tue, Oct 23, 2012 at 16:57:22 -0400, Donald Pearson wrote:
> That's strange.  You do have a rule to NAT the UDP traffic from outside to
> your Tinc host inside right?

(Not explicitly; instead, the router [running Linux] keeps track of
outgoing traffic and maps the incoming packets in reverse... or at least
does so as long as the connection is considered to be active.  So
there's no static NAT rule to handle the incoming Tinc traffic, but
instead the setup relies on the fact that the VPN session is always
started by the home node making an outgoing connection to the office
node.)

						Nathan


----------------------------------------------------------------------------
Nathan Stratton Treadway  -  nathanst at ontko.com  -  Mid-Atlantic region
Ray Ontko & Co.  -  Software consulting services  -   http://www.ontko.com/
 GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt   ID: 1023D/ECFB6239
 Key fingerprint = 6AD8 485E 20B9 5C71 231C  0C32 15F3 ADCD ECFB 6239
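
A toy model of the dynamic mapping described in the message above, added here as an illustration; it is not part of the original post, tinc, or the Linux kernel. The 30-second idle timeout, the addresses and all class and function names are assumptions made for the example.

```python
"""Toy model of a stateful NAT router's UDP tracking table (added example)."""

UDP_IDLE_TIMEOUT = 30  # seconds; assumed value for illustration, not from the thread


class NatTable:
    def __init__(self, timeout=UDP_IDLE_TIMEOUT):
        self.timeout = timeout
        self.entries = {}  # (inside_addr, outside_addr) -> time last packet was seen

    def _expire(self, now):
        # Drop mappings that have been idle for longer than the timeout.
        self.entries = {k: t for k, t in self.entries.items()
                        if now - t <= self.timeout}

    def outbound(self, inside, outside, now):
        """Inside host sends: creates or refreshes the mapping."""
        self._expire(now)
        self.entries[(inside, outside)] = now

    def inbound(self, outside, inside, now):
        """Outside host sends: forwarded only if a live mapping exists."""
        self._expire(now)
        key = (inside, outside)
        if key not in self.entries:
            return False  # no static rule and no state: packet is dropped
        self.entries[key] = now  # traffic in either direction refreshes the entry
        return True


def office_reaches_home(quiet_period, keepalive_every=None):
    """Home opens the session at t=0; office sends at t=quiet_period.

    Optionally the home node sends a keepalive every `keepalive_every` seconds.
    """
    home = ("192.168.1.10", 655)    # constructed inside address
    office = ("203.0.113.5", 655)   # constructed outside address
    nat = NatTable()
    nat.outbound(home, office, now=0)
    if keepalive_every:
        for t in range(keepalive_every, quiet_period, keepalive_every):
            nat.outbound(home, office, now=t)
    return nat.inbound(office, home, now=quiet_period)
```

In this model the office node's packet gets through only while the last outgoing packet from the home node is more recent than the router's idle timeout.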

