Exam 2021 Problem 1 – how can host be reachable behind NAT without port forwarding?

Exam 2021 Problem 1 – how can host be reachable behind NAT without port forwarding?

par Joel Rudsberg,
Number of replies: 3

In Exam 2021, problem 1, part 5, H1 and H5 are according to the solution using the IPv4 address of H6 as destination address in their UDP packets even though it is behind a NAT. How is this possible without for example port forwarding? To me, it would make more sense to assume that port forwarding has been performed at N2 with the tuple (t4, p) that maps to (z6, q) where t4 is N2 IPv4 address and p and q are some ports. What am I missing?

Thanks. 

/Joel

In reply to Joel Rudsberg

Re: Exam 2021 Problem 1 – how can host be reachable behind NAT without port forwarding?

par Stéphan Plassart,

Dear Joel,

Thank you for your question.

There is a typo in the question 4 of the problem 1 of the exam solution of Exam 2021.

For the packet from H1 to H6, the correct destination IP adress for nodes O7, O8, O1 is t4, and for node O11, it is z6.

For the packet from H5 to H6, the correct destination IP adress for nodes O12, O9, O1 is t4, and for node O11, it is z6.

Best regards,
Stéphan.

In reply to Stéphan Plassart

Re: Exam 2021 Problem 1 – how can host be reachable behind NAT without port forwarding?

par Simon Spangenberg,
I may be missing something but the exam mentions that the internal network of the NAT at N2 points towards observation point O1 ("N2 operates as a NAT for IPv4 (with internal ports towards observation point O1)"). Doesn't this mean that H6 is on the WAN (external) side of the NAT and thus is reachable from within? Which in turn would make the use of the destination address of H6 correct?
In reply to Simon Spangenberg

Re: Exam 2021 Problem 1 – how can host be reachable behind NAT without port forwarding?

par Stéphan Plassart,
Dear Simon,

Thank you for your message.

You are right, I misread the statement, and the exam correction is correct.
N2 operates as a NAT for IPv4 (with internal ports towards observation point O1), so as you said H6 is reachable.

For the packet from H1 to H6, the correct destination IP adress for nodes O7, O8, O1, and O11 is z6 = 8.2.7.11
For the packet from H5 to H6, the correct destination IP adress for nodes O12, O9, O1, and O11 is z6 = 8.2.7.11

Sorry for the inconvenience and thank you for your remark.

Best regards,
Stéphan.