keeping UDP "session" alive when using NAT
Nathan Stratton Treadway
nathanst at ontko.com
Tue Oct 23 23:50:48 CEST 2012
On Tue, Oct 23, 2012 at 16:57:22 -0400, Donald Pearson wrote:
> That's strange. You do have a rule to NAT the UDP traffic from outside to
> your Tinc host inside right?
(Not explicitly; instead, the router [running Linux] keeps track of
outgoing traffic and maps the incoming packets in reverse... or at least
does so as long as the connection is considered to be active. So
there's no static NAT rule to handle in the incoming Tinc traffic, but
instead the setup relies on the fact that the VPN session is always
started by by the home node making an outgoing connection to the office
node.)
Nathan
----------------------------------------------------------------------------
Nathan Stratton Treadway - nathanst at ontko.com - Mid-Atlantic region
Ray Ontko & Co. - Software consulting services - http://www.ontko.com/
GPG Key: http://www.ontko.com/~nathanst/gpg_key.txt ID: 1023D/ECFB6239
Key fingerprint = 6AD8 485E 20B9 5C71 231C 0C32 15F3 ADCD ECFB 6239
More information about the tinc
mailing list