I have what might seem a basic question but I really do not know or can find the answer. The question is; if I have a TCP connection from a server which is from a public IP (Client) to a Private IP (Server)which is through a NAT, is the TCP conversation from Client to Server? Or is it from Client to NAT device, then NAT device to server?
The reason why I ask, if I see retransmissions on the client to NAT device should I also see it from NAT device to server? My thoughts are that the TCP conversation is end to end, from the client to server.
asked 27 Jan '15, 14:11
TCP connections through NAT devices are end-to-end, which means that the client is talking to the server on layer 4. NAT translates IP addresses (layer 3), so they can change, but the TCP connection does not terminate at the NAT gateway. Proxy servers would do that kind of thing, but not NAT gateways.
And yes, you should see the same segments being retransmitted, but since the IP addresses are changed at least partially they can be hard to find.
answered 27 Jan '15, 14:18
You should also verify that only NAT is occurring and not PAT. Most routers perform PAT (Port address translation) in which the IP address and the TCP port numbers are modified when connecting from private to public IP addresses.
answered 28 Jan '15, 06:56