Hi Joe -

>The local stuff worked fine, it was only the external addressing.  I'm
>learning.  Yet one more thing to know.  But at least I figured out how to
>configure my router.  I'm getting VERY dangerous these days <grin>.

This is a repeat of a response that I sent at 9:30 this morning, but which
has still not hit the list.  I'm CC'ing it to you personally, though if the
problem is our email gateway at corporate HQ, that won't help much.  :(


Hi Joe -

> --> (initial request)
> --> (request forwarded to Linux box!)
> --> (response from Linux box to router)
> --> (response finally returned to me)

>Notice how the router handles the port forwarding... it sends a 
>request to the destination device, but only after spoofing the 
>source address to be the realworld address of the router! I don't 
>have the time to sit and think it through; I'd think you would 
>just leave the real source address in place, or else pass the 
>WAN address of the router (not the realworld address). I tried
>picturing the possible combinations of multiple requests forwarded 
>to multiple devices through multiple IP addresses, and I started 
>to get ill.

Since your routing problem has already been solved, I'll just address your
confusion about the source address when the router is talking to the Linux
box or AS/400.  That's your *outgoing* NAT that you're seeing.

Since you are accessing the box via the external address, your internal
address is translated to the router's external address for going to the
Internet.  That address is passed unchanged to Linux box or AS/400, just the
same as any address coming *from* the Internet.

To put it another way, the router is doing two things when you connect to an
internal box via its external address ... NAT and port forwarding.  You are
looking at the results of one part and thinking it applies to the other
part.  You are mixing apples and oranges and coming up with fruit salad! <G>

Now take two aspirin and go lay down in a dark room for a couple of hours
and you'll be fine! <G>

Southern Wine and Spirits of Nevada, Inc.
Opinions expressed are my own and do not necessarily represent the views of
my employer or anyone in their right mind.

| This is the JAVA/400 Mailing List!
| To submit a new message, send your mail to JAVA400-L@midrange.com.
| To subscribe to this list send email to JAVA400-L-SUB@midrange.com.
| To unsubscribe from this list send email to JAVA400-L-UNSUB@midrange.com.
| Questions should be directed to the list owner: joe@zappie.net

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.