Source port rewritten in packets

zelea2 · ‎18-12-2014

I've just got my FTTC connection and I've noticed that all the sent packets (TCP and UDP) have their source port changed. This is slightly annoying for some of my VPN connections.
Does anybody know if this happens in the Plusnet router or in the Plusnet network due to a possible traffic shaping? If it's just the router I could replace that with my own linux based one where I have more control.

Anonymous · ‎18-12-2014

Hi 'zelea2', welcome to the forum !

Quote from: zelea2
I've noticed that all the sent packets (TCP and UDP) have their source port changed.

Are you sure that you're not confusing yourself with the output from IPv4 NAT ?
Can you give an example of what you are seeing, and what you think it should be ?

Quote from: zelea2
Does anybody know if this happens in the Plusnet router or in the Plusnet network due to a possible traffic shaping?

Plusnet doesn't do traffic shaping on 'unlimited' accounts - which your new FTTC account will be.
They do change one byte in the TCP header in relation to traffic prioritisation, but don't touch the port numbers.
Have a read of this Plusnet blog post - "It's Unlimited! Why is it still traffic managed?"

Quote from: zelea2
I could replace that with my own linux based one where I have more control.

User the router that suits your requirements. I am running a home built Linux router and get better performance than most !

zelea2 · ‎18-12-2014

Could be very well the NAT in the Plusnet router - that's why I am asking.
> hping3 -2 --keep -s 11111 -p 11111 test_host
and on the test host
> tcpdump -nl udp
I then see: IP my_plusenet_host.54515 > test_host.11111: UDP
NAT is not supposed to change the source port unless you tell it to.
I'll install my own router later and see if this persists.

pwatson · ‎26-11-2012

The NAT function (or more correctly PAT function) of all domestic single WAN address router necessarily modify source ports on outgoing TCP/UDP packets. How else will they know which LAN host to route the reply back to?
Using your example, if you ran the ping command from two machines on your LAN how each machine receive their reply if the source port was the same?

zelea2 · ‎18-12-2014

Quote from: pwatson
The NAT function (or more correctly PAT function) of all domestic single WAN address router necessarily modify source ports on outgoing TCP/UDP packets. How else will they know which LAN host to route the reply back to?
Using your example, if you ran the ping command from two machines on your LAN how each machine receive their reply if the source port was the same?

You are absolutely right, normal NAT does port rewritte. Before FTTC from Plusenet I was using ADSL with a different router and I had no port translation in my setup.
The reason was port forwarding aka static NAT. For the range of ports listed to be forwarded back in my local network no port translation was done.
On the Plusnet router there is no proper Port Forwarding function. I've tried to achieve the same with "Game and Application Sharring" and "Assign a game or application to a local network device".
Although connections from outside were working this was not sufficient to bypass NAT.
So as soon as I will change the router with one with proper port forwarding the problem will be solved. Thank you for pointing me in the right direction.

Source port rewritten in packets

Source port rewritten in packets

Re: Source port rewritten in packets

Re: Source port rewritten in packets

Re: Source port rewritten in packets

Re: Source port rewritten in packets