Routing – How are UDP source ports mapped on a NAT

nat; ntp; router; routing; udp

Here is an example use case; I am curious to see how this is supposed to work and why:

Someone has a NAT router from their ISP.

Behind the router are 2 PCs running Linux and using ntpd.
ntpd sends UDP messages to servers with source and destination port both set to 123.

When the packets come out of the router (WAN port) and go to the NTP server, what should their src port be?

Is the router supposed to map the src on the LAN to a different src on the WAN so it knows how to map the responses?

If not, and they carry src 123 out to the internet, how does the router know which PC to send the reply to?

Best Answer

This depends on the NAT implementation.

In general, most NAT engines prefer to make as few modifications as necessary. So, the first one there gets to keep their src port. The second one is "the loser" and has it changed. The map entry doesn't depend on anything changing; it tracks whatever is used, changed or not. As long as they aren't both talking to the same server, they can both use the same src port, because the map includes the destination:

[(inside){src}PC A:123 {dst}Server A:123 :: (outside){src}ISP:123 {dst}Server A:123]
[(inside){src}PC B:123 {dst}Server B:123 :: (outside){src}ISP:123 {dst}Server B:123]
                                                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

The outside details are different, thus a unique key to find the inside match.
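
The lookup described in the answer above, as an added example that is not part of the original answer: a toy port-preserving UDP NAT table keyed on the outside tuple. The class name, the fallback port range and the documentation-range addresses are assumptions made for illustration; real NAT engines differ in how they pick the replacement port.

```python
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)


class PortPreservingNat:
    """Toy UDP NAT (hypothetical): keep the inside source port unless the
    outside tuple (WAN port, remote endpoint) is already in use."""

    def __init__(self, wan_ip: str, first_fallback_port: int = 1024):
        self.wan_ip = wan_ip
        self.first_fallback_port = first_fallback_port  # assumed policy
        # Outside key (wan_port, remote) -> inside endpoint; used for replies.
        self.by_outside: Dict[Tuple[int, Endpoint], Endpoint] = {}
        # Inside key (inside endpoint, remote) -> wan_port; keeps a flow stable.
        self.by_inside: Dict[Tuple[Endpoint, Endpoint], int] = {}

    def outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        """Translate a LAN->WAN packet and return the source seen on the WAN."""
        key = (src, dst)
        if key not in self.by_inside:
            port = src[1]  # first choice: leave the source port unchanged
            if (port, dst) in self.by_outside:
                # Another host already uses this port toward the same remote,
                # so this flow is "the loser" and gets a different port.
                port = self.first_fallback_port
                while (port, dst) in self.by_outside:
                    port += 1
                    if port > 65535:
                        raise RuntimeError("no free port toward this remote")
            self.by_inside[key] = port
            self.by_outside[(port, dst)] = src
        return (self.wan_ip, self.by_inside[key])

    def inbound(self, remote: Endpoint, wan_port: int) -> Optional[Endpoint]:
        """Translate a WAN->LAN reply; None means no mapping, so drop it."""
        return self.by_outside.get((wan_port, remote))


if __name__ == "__main__":
    # Constructed sample: two LAN hosts running ntpd, two NTP servers.
    nat = PortPreservingNat("203.0.113.1")
    pc_a, pc_b = ("192.168.1.10", 123), ("192.168.1.11", 123)
    srv_a, srv_b = ("198.51.100.5", 123), ("198.51.100.6", 123)
    print(nat.outbound(pc_a, srv_a))   # keeps port 123
    print(nat.outbound(pc_b, srv_b))   # also keeps 123: different remote
    print(nat.outbound(pc_b, srv_a))   # collides with PC A, port rewritten
    print(nat.inbound(srv_a, 123), nat.inbound(srv_a, 1024))
```

A reply from a remote endpoint with no matching outside entry returns None, which is also why unsolicited inbound UDP to port 123 does not reach either PC in this model.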
