[AusNOG] 30 Levels of Nat with Firewalls

Pinkerton, Eric Eric.Pinkerton at team.telstra.com
Mon Apr 18 10:12:35 EST 2011


Pix's don't decrement the TTL by default, so traceroute won't work, but turning this on, and thus decrementing the ttl by 30 might present some interesting issues with older O/S's!

From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Cooper Ry Lees
Sent: Sunday, 17 April 2011 2:19 PM
To: ausnog at ausnog.net
Subject: [AusNOG] 30 Levels of Nat with Firewalls

A little Sunday 'easter egg' for fellow Network nerds ...
We have a cupboard full of the old and terrible PIX 501 firewalls sitting around. Due to this I wanted to 'daisy chain' as many as I could together to see how things would operate behind X levels of nat. I ended up getting 30.

Here is a blog post and video of the findings ...
http://cooperlees.com/blog/?p=369

P.s. I could not traceroute anywhere with the 501's, a feature apparently.

Enjoy,
--
Cooper Ry Lees
[e] me at cooperlees.com<mailto:me at cooperlees.com>
[m] +61 403 739 446
[w] http://cooperlees.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20110418/f599073e/attachment.html>


More information about the AusNOG mailing list