Hi all,
I realized this for a time, but I thought it was possibly a lack of knowledge on my part in the operation of Symmetric NAT, so forgive me if I make a mistake in what I expose.
Router: AX58U, 386.3_2. WAN Type = PPPoE, NAT Type = Symetric
If I'm not mistaken, when the Router works in symmetric NAT, any connection made by an internal device on the local network is mapped to a different external port if the destination is different, even if the source port is the same. So a simplest way to verify this, is to make a connection to two different destinations from the same computer and port, and see in the NAT table the external port that is assigned to each connection. In case of being symmetric NAT, the external port should be different.
In my case, Im using ncat (PC) and netstat-nat (Asus):
PC:
ncat -p 10000 google(dot)com 443
(Connection is established)
Asus:
netstat-nat -N | grep 10000
tcp 192.168.2.2:10000 PUBLIC_IP:10000 mad41s10-in-f14.1e100.net:https ESTABLISHED
----------
(cancel ncat, and repeat with another host)
PC:
ncat -p 10000 wikipedia(dot)com 443
(Connection is established)
Asus:
netstat-nat -N | grep 10000
tcp 192.168.2.2:10000 PUBLIC_IP:10000 ncredir-lb.esams.wikimedia.or:https ESTABLISHED
---------------------
The Router always maps the same local port to the same external port, regardless of port or destination address. so I interpret that the Router is really working in FullCone, not Symetric.
This has generated another additional doubt in me. If I use as a local port a port that the Router already has forwarded to another machine (VirtualServer), NAT still maps the local port to the same external port. Shouldn't that port be reserved? couldn't this cause problems for services already mapped?
I realized this for a time, but I thought it was possibly a lack of knowledge on my part in the operation of Symmetric NAT, so forgive me if I make a mistake in what I expose.
Router: AX58U, 386.3_2. WAN Type = PPPoE, NAT Type = Symetric
If I'm not mistaken, when the Router works in symmetric NAT, any connection made by an internal device on the local network is mapped to a different external port if the destination is different, even if the source port is the same. So a simplest way to verify this, is to make a connection to two different destinations from the same computer and port, and see in the NAT table the external port that is assigned to each connection. In case of being symmetric NAT, the external port should be different.
In my case, Im using ncat (PC) and netstat-nat (Asus):
PC:
ncat -p 10000 google(dot)com 443
(Connection is established)
Asus:
netstat-nat -N | grep 10000
tcp 192.168.2.2:10000 PUBLIC_IP:10000 mad41s10-in-f14.1e100.net:https ESTABLISHED
----------
(cancel ncat, and repeat with another host)
PC:
ncat -p 10000 wikipedia(dot)com 443
(Connection is established)
Asus:
netstat-nat -N | grep 10000
tcp 192.168.2.2:10000 PUBLIC_IP:10000 ncredir-lb.esams.wikimedia.or:https ESTABLISHED
---------------------
The Router always maps the same local port to the same external port, regardless of port or destination address. so I interpret that the Router is really working in FullCone, not Symetric.
This has generated another additional doubt in me. If I use as a local port a port that the Router already has forwarded to another machine (VirtualServer), NAT still maps the local port to the same external port. Shouldn't that port be reserved? couldn't this cause problems for services already mapped?
