- Previous message: Joel Jaeggli: "Update: NANOG 43 PGP signing party."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Darden, Patrick S. (no email)
Date: Mon Jun 02 2008 - 08:21:20 EDT
I'm not aware of any hard rules regarding this. I'll include yours below:
--packet fragmentation due to inconsistent MTUs and/or bandwidth (e.g. moving from ATM at 150Mbps to a fractional DS3 at 3.088Mbps)
--ttl changes from hop to hop
--dest ip changes from hop to hop
--PAT/NAT changes in last network borders (e.g. routing traffic to appropriate endpoints (servers) or starting points (workstations))
--PAT/NAT changes in "last" host (e.g. it hits ext ip port 4443, gets changed to newip:443 and forwarded on)
--firewall changes in buffer/mother network (e.g. protective network or DMZ)--these could be almost anything, most frequent would be morons who completely block ICMP--you should probably count anti-spam and anti-virus (layer 4 but affects layer 3 dramatically) but these are usually advertised features subscribed to by the customers (as opposed to secret "features" that only come out due to customer outrage)
--header checksum changes after contents changes (e.g. dip at a router)
Meh, not sure I was helpful.
--p
|
|
|