Reply to post:

High-end router flinger DrayTek admits to zero day in bunch of Vigor kit

churchers

We had a problem a few years ago where NAT was just using the original source port for its nat pseudo port. The network had a bunch of SIP phones all using 5060 as their source port. All the external traffic ended up having {public-ip}:5060 as the source and the router would just send all replies to the first phone in its nat table. You could clearly see this and the obvious problem it would cause in the nat sessions table - multiple entries with exactly the same external ip and port. Never got anywhere trying to get a fix.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019