Dammit, I had a good reply and hit backspace.
Ok, when you NAT, the router looks at the src IP and port and the dst IP and port and builds two table entries that get popped to the top of the NAT table, which is read top to bottom. So client A connects and you get entries like this:
any udp packet on inside interface from host (client A's IP/port) 192.168.1.1:666 going to (server IP/port) 66.245.252.215:2666 rewrite packet from (router's outside IP and some random port) 21.15.66.77:88
Table entry 1 above handles translation from client through NAT to server
and 2nd entry
any udp packet on outside interface from host (server IP/port) 66.245.252.215:2666 and going to 21.15.66.77:88 (router's outside IP and random port) rewrite packet with src IP from router's inside IP and send to 192.168.1.1
This handles translation from server to client.
So when client B connects we get the outbound rule like this
any udp packet on inside interface from host (client B's IP/port) 192.168.1.2:666 going to (server IP/port) 66.245.252.215:2666 rewrite packet from (router's outside IP and some random port) 21.15.66.77:88
and another rule like this for the inbound traffic
any udp packet on outside interface from host (server IP/port) 66.245.252.215:2666 and going to 21.15.66.77:88 (router's outside IP and random port) rewrite packet with src IP from router's inside IP and send to 192.168.1.2
Since the rules go on top of the stack when created, and when a packet comes in the router starts at the top of the list looking for a rule match, both inbound traffic streams match the new rule that is first on top of the stack. Both inbound connections are translated and sent to client B, disconnecting A.
So somewhere either the router is not selecting a sufficiently randomized src port on the outbound translation, or it's getting confused and not matching too little or too much of a port number. Like, say one port number is 666 and one is 6667: they both match if the matching algorithm is flawed.
One other point: you're correct, some games do not handle NAT well. That's mostly a thing of the past 'cause NAT is everywhere.... For example, there was some MS MechWarrior game my bro played and it didn't work with NAT.
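The failure described in the post above, as an added example that is not part of the original post: a simplified model of a NAT table searched newest-first, showing how reusing outside port 88 for both clients sends every server reply to client B, and how allocating a unique outside port per mapping fixes it. The addresses are the ones from the post; the class and function names are hypothetical, and real NAT implementations track more state than this.

```python
from itertools import count

SERVER = ("66.245.252.215", 2666)   # server IP/port from the post
OUTSIDE_IP = "21.15.66.77"          # router's outside IP from the post

class Nat:
    """Toy NAT: entries are pushed on top and searched top to bottom."""
    def __init__(self, pick_port):
        self.pick_port = pick_port  # strategy for choosing the outside source port
        self.table = []             # index 0 is the newest entry

    def outbound(self, inside, dst):
        """Client -> server: return the rewritten (outside IP, port) source."""
        for ent in self.table:
            if ent["inside"] == inside and ent["dst"] == dst:
                return ent["outside"]
        outside = (OUTSIDE_IP, self.pick_port(self.table, dst))
        self.table.insert(0, {"inside": inside, "dst": dst, "outside": outside})
        return outside

    def inbound(self, src, dst):
        """Server -> client: the first matching entry decides the inside host."""
        for ent in self.table:
            if ent["dst"] == src and ent["outside"] == dst:
                return ent["inside"]
        return None                 # no mapping, packet is dropped

def fixed_port(table, dst):
    # Failure case from the post: the same outside port is reused.
    return 88

def unique_port(table, dst, _next=count(50000)):
    # Corrected behaviour: never reuse an outside port already mapped to this dst.
    used = {e["outside"][1] for e in table if e["dst"] == dst}
    port = next(_next)
    while port in used:
        port = next(_next)
    return port

def replies_reach(nat):
    """Connect client A, then client B; return who receives each server reply."""
    a = nat.outbound(("192.168.1.1", 666), SERVER)
    b = nat.outbound(("192.168.1.2", 666), SERVER)
    return nat.inbound(SERVER, a), nat.inbound(SERVER, b)

if __name__ == "__main__":
    print("reused port 88:", replies_reach(Nat(fixed_port)))
    print("unique ports  :", replies_reach(Nat(unique_port)))
```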