Date: Wed, 11 May 2005 13:57:23 -0700 (PDT) From: Arne "Wörner" <arne_woerner@yahoo.com> To: george roman <thewolfro@yahoo.com>, freebsd-security@freebsd.org Subject: Re: icmp problem Message-ID: <20050511205723.48284.qmail@web41210.mail.yahoo.com> In-Reply-To: 6667
next in thread | raw e-mail | index | archive | help
--- george roman <thewolfro@yahoo.com> wrote: > hi i have a problem with my icmp, i have a router that > performs nat. i cannot ping to internet hosts from > more than one stations situated behind NAT at once. if > i want to ping from another station i have to stop the > ping that was initiated from the first host, and after > a few seconds i can ping from another station.i've > checked firewll and i have no ipfw rules that could > stop icmp traffic. where should i continue my search > and what can i do to resolv this problem. i really > have to get ping wrking from more than one stations at > once. > Hi! I would guess, that ICMP packets do not have a port number (just a request/response id), so that the NAT cannot distinguish multiple ICMP packet sources (I mean: The response from the ICMP requestee cannot be mapped back to the appropriate ICMP requester). Hmm... I just think, that (if you have multiple ICMP requestees) the NAT could be able to map back the ICMP requester IP by the IP of the ICMP requestee. But I do not know, how your router works... Maybe your computer-pool could elect an ICMP-master, who coordinates all the ICMP traffic through the NAT. Bye Arne __________________________________ Yahoo! Mail Mobile Take Yahoo! Mail with you! Check email on your mobile phone. http://mobile.yahoo.com/learn/mail
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050511205723.48284.qmail>