On Fri, Sep 07, 2001 at 11:57:24AM -0700, Mike Batchelor wrote:
> Well of course, that was my point. Where do you draw the line? The packet as received is not identical to the packet as it was sent, even when NAT is not involved. Along the way, various things get modified, the packet is encapsulated, unwrapped, re-encapsulated, TTLs get decremented, ... all
It violates a layering principle. An application never 'creates' a packet (particularly when thinking about TCP). Thus the application doesn't pick the initial TTL, for instance. So there's no reason the application should expect it to be a particular value at the end. An application very much creates its own data stream, and expects a reliable transport scheme to pass it _unaltered_.

Note, NAT can cause issues here. If I run a telnet server on port 53, telnet to it through a NAT gateway, and send data that looks like an AXFR, it will probably change it, thinking it's operating on DNS. That's pretty dangerous.

It also crosses an interesting legal line. If you're an ISP customer and it's ok for the ISP to read your data stream and alter it in real time to provide NAT, why wouldn't it be legal for them to read your e-mail in real time as it passes, and alter what you said? The same boxes could do it. What makes it ok to alter an IP address here and there, but not alter a word? Why are they different?

-- 
Leo Bicknell - bicknell@ufp.org
Systems Engineer - Internetworking Engineer - CCIE 3440
Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org
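The port-53 scenario in the post above, as an added example that is not part of the thread and not any vendor's NAT code: a constructed, simplified model of a DNS application-layer gateway that decides purely from the destination port and the byte layout whether to rewrite an embedded A-record address, plus the end-to-end integrity check an application can wrap around its own stream to notice that a middlebox touched it. The addresses (10.0.0.5 inside, 203.0.113.7 outside), the name host.example. and the sample telnet line are made up; the integrity tag is a plain SHA-256, enough to detect an accidental rewrite but not a deliberately hostile middlebox, which would need a keyed MAC or TLS.

```python
"""Constructed model of a NAT DNS ALG and an end-to-end integrity check.

Added example, not code from the thread. Assumptions (not from the post):
the ALG inspects only traffic to port 53, parses it as a DNS message and
rewrites A-record RDATA equal to the inside address to the outside
address; addresses, names and sample data are made up.
"""
import hashlib
import ipaddress
import struct

INSIDE_IP = "10.0.0.5"        # assumed private address behind the NAT
OUTSIDE_IP = "203.0.113.7"    # assumed public address of the NAT (TEST-NET-3)


def encode_name(name: str) -> bytes:
    """Encode a DNS name in wire format (length-prefixed labels, no compression)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_a_response(txid: int, name: str, ip: str, ttl: int = 300) -> bytes:
    """Minimal DNS response: header, one question, one uncompressed A answer."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)       # QTYPE A, IN
    answer = (encode_name(name) + struct.pack("!HHIH", 1, 1, ttl, 4)
              + ipaddress.IPv4Address(ip).packed)
    return header + question + answer


def _skip_name(buf: bytes, off: int) -> int:
    """Return the offset just past a wire-format name starting at off."""
    while True:
        if off >= len(buf):
            raise ValueError("truncated name")
        length = buf[off]
        if length == 0:
            return off + 1
        if (length & 0xC0) == 0xC0:      # compression pointer: two bytes total
            return off + 2
        off += 1 + length


def dns_alg(payload: bytes, dst_port: int, inside: str, outside: str) -> bytes:
    """Model ALG: for port-53 traffic, rewrite A RDATA == inside to outside.

    Anything it cannot parse passes through unchanged. It has no way to know
    whether the bytes are really DNS; it only sees a port and a byte layout.
    """
    if dst_port != 53 or len(payload) < 12:
        return payload
    try:
        _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", payload[:12])
        if not flags & 0x8000:           # only responses carry answers
            return payload
        buf = bytearray(payload)
        off = 12
        for _ in range(qd):
            off = _skip_name(buf, off) + 4        # QTYPE + QCLASS
        for _ in range(an):
            off = _skip_name(buf, off)
            rtype, _, _, rdlen = struct.unpack("!HHIH", bytes(buf[off:off + 10]))
            off += 10
            if (rtype == 1 and rdlen == 4
                    and bytes(buf[off:off + 4]) == ipaddress.IPv4Address(inside).packed):
                buf[off:off + 4] = ipaddress.IPv4Address(outside).packed
            off += rdlen
        return bytes(buf)
    except (struct.error, ValueError):
        return payload


def seal(data: bytes) -> bytes:
    """Sender side: append a SHA-256 tag so the receiver can detect changes."""
    return data + hashlib.sha256(data).digest()


def verify(stream: bytes) -> tuple[bool, bytes]:
    """Receiver side: split off the tag and check it; returns (intact, data)."""
    data, tag = stream[:-32], stream[-32:]
    return hashlib.sha256(data).digest() == tag, data


def send_through_nat(app_data: bytes, dst_port: int) -> tuple[bool, bytes]:
    """Simulate sender -> NAT ALG -> receiver and report whether the stream survived."""
    after_nat = dns_alg(seal(app_data), dst_port, INSIDE_IP, OUTSIDE_IP)
    return verify(after_nat)


def demo() -> dict:
    """Same application bytes on port 53 vs. another port, plus plain text on 53."""
    dns_like = build_a_response(0x1234, "host.example.", INSIDE_IP)
    return {
        "dns_like_on_53": send_through_nat(dns_like, 53),      # rewritten
        "dns_like_on_2323": send_through_nat(dns_like, 2323),  # untouched
        "text_on_53": send_through_nat(b"login: root\r\n", 53),  # unparseable
    }


if __name__ == "__main__":
    for case, (intact, data) in demo().items():
        print(f"{case}: intact={intact} data={data!r}")
```

The only thing that changes between the first two cases is the port number, which is exactly the layering point: the application stream is identical, but the middlebox's guess about what it is carrying decides whether the bytes arrive unaltered.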