DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2800G NAT sessions don't work properly in 2.8.2?

  • softins
  • Topic Author
  • Offline
  • New Member
  • New Member
More
22 Mar 2010 13:30 #61294 by softins
Recently switched from 2.7.2 to 2.8.2 on my 2800G and found that NAT behaviour was broken for outbound sessions. Had to revert to 2.7.2 for now.

The problem is that in 2.8.2, the outbound source port does not get translated. This becomes a problem when two boxes on the LAN use the same source port to connect to the same IP/port on the internet.

Here is an example pair of NAT sessions from 2.7.2:

Code:
------------------------------------------------------------------------------- Private IP :Port #Pseudo Port Peer IP :Port Ifno Status ------------------------------------------------------------------------------- 192.168.0.2 4569 37401 87.238.75.xxx 4569 3 0 192.168.0.20 4569 37977 87.238.75.xxx 4569 3 0


This is fine, as each box gets a different pseudo-port on the WAN.

However, when using 2.8.2, the pseudo-port is the same as the source port:

Code:
------------------------------------------------------------------------------- Private IP :Port #Pseudo Port Peer IP :Port Ifno Status ------------------------------------------------------------------------------- 192.168.0.2 4569 4569 87.238.75.xxx 4569 3 0 192.168.0.20 4569 4569 87.238.75.xxx 4569 3 0


This means that any return traffic cannot tell which box it should be routed to.

Is this a bug? Or is there a new setting that turns this behaviour on and off? (Although I can't imagine what use the new behaviour would be!)

Cheers
Tony

Please Log in or Create an account to join the conversation.

  • softins
  • Topic Author
  • Offline
  • New Member
  • New Member
More
24 Mar 2010 10:30 #61320 by softins
Replied by softins on topic Solved in 2.8.2.1 beta 1120
Well, having contacted support and received some suggestions to follow from Adam, I managed to establish the following:

1. The problem does not exist in 2.8.1 or earlier.
2. It was introduced in 2.8.2.
3. It affects UDP sessions only; TCP sessions still work fine.
4. It has been fixed again in the 2.8.2.1 beta 1120 firmware that is available from the Draytek UK site.

So having updated to 2.8.2.1b1120 I am happy :-)

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami