ipnat and "udp consistent translation" (Skype related)
Jim Hatfield
subscriber at insignia.com
Tue Oct 5 07:24:18 PDT 2004
On Wed, 29 Sep 2004 13:45:40 +0100, in local.freebsd.questions you
wrote:
>Using Skype on a machine behind a FreeBSD 4.x firewall using
>ipf/ipnat, if I try a file transfer I get "your connection is relayed"
>which suggests that there are problems using "UDP hole punching" to
>get a direct connection. The Skype help page sends you to:
>
>http://bgp.lcs.mit.edu/~dga/view.cgi
>
>where ipnat gets a "no" in the "udp consistent translation" column.
I think this info must be out of date, and that ipnat really does
do "UDP consistent translation". This is a bit of output from
ipnat -l:
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [159.148.187.95 27452]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [70.48.222.77 51689]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [80.131.15.67 24122]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [67.8.167.204 52284]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [24.201.154.49 57657]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [82.36.75.76 41765]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [139.91.190.109 4709]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [65.93.139.84 56670]
>MAP 172.16.64.16 13432 <- -> 195.74.141.61 5132 [210.221.94.233 5387]
The machine running Skype is 172.16.64.16 and Skype's
Options->Connections property page shows 13432 as the port number.
I presume 5132 is the translated port number. Looks pretty consistent
to me. So it was a red herring and I'll have to look elsewhere.
jim
More information about the freebsd-questions
mailing list