[nos-bbs] UDP Port Unreachable - problem found
Michael E. Fox - N6MEF
n6mef at mefox.org
Sat Nov 16 12:35:52 EST 2013
Ah, Maiko, I'm the guy that's always complaining about lack of
documentation. Do you really think I wouldn't at least read what's there?
Hi, Hi.
Yes, the attach axudp command can include source and destination port number
assignments. But that doesn't solve the problem.
The problem is that JNOS is requiring that received packets use a specific,
unchanging source port (93 by default, or whatever you configure on the
attach axudp line). But it shouldn't care what the source port is. The
router will pick any source port it wants, so there's no way to tell in
advance what it will be and, therefore, no way to configure it in the attach
command.
Why haven't others seen this problem?
1) I suspect most people will use AXIP where possible. I certainly do.
But, in this case, the firewall on the other end is pretty simple and only
knows about TCP and UDP.
1) If they're running AXUDP inside an AMPRnet tunnel, then the external
router doesn't see it. It only sees IP-Encap packets. But, in this case,
the other end doesn't have an AMPRnet gateway.
2) I suspect most hams don't go to the expense of the higher-end firewalls
we're required to use. If they have a consumer grade firewall and only a
single JNOS system, then it will typically leave the original source port
alone. But even such firewalls would need to change the source port if a
second JNOS system tries to operate.
So, in this case, I've got three strikes operating against me. But that
would still be o.k. if JNOS would just work like "normal". Hi, Hi.
Think about it. Telnet accepts any source port. Why should axudp be any
different?
M
-----Original Message-----
Well, you see, this is where it gets interesting. If you actually read the
documentation under the axudp section, you will note there is a provision
to change both source and destination ports of AXUDP interfaces.
Maiko
More information about the nos-bbs
mailing list