[Mailman-Users] NAT translation problems?
Kyle Rhorer
rhorer at swbell.net
Wed Aug 21 21:23:49 CEST 2002
On Thursday 22 August 2002 13:10, Drew Krause wrote:
> Hello, a few subscribers with city and county government email
> addresses are complaining that our list mail is not getting to them.
> A peek at our mail logs confirms this. One of their system
> administrators noted that their server makes use of 'NAT
> translation', a concept new to me.
NAT stands for Network Address Translation. Therefore, "NAT
translation" is a redundant and incorrect term. That aside, it is a
scheme whereby one set of IP addresses is dynamically translated
(usually by a firewall or firewall-like device) to another address or
set of addresses and back again.
For example, say machine A has an IP address of 192.168.1.5, machine B's
address is 192.168.1.6, and machine F is the firewall. Let's also say
that F is configured to translate between 192.168.1.0 and 192.168.50.0.
If A tries to browse www.python.org, it has to go through F to get to
the Internet. F translates A's address to something in the
192.168.50/24 address space, for the sake of simplicity let's say it's
192.168.50.5. F then sends the address-translated packet on to its
destination (www.python.org). The destination has no way of knowing
that the packet came from any address other than 192.168.50.5. It
sends a reply back, which F translates back to A's address and A
eventually receives it.
Similarly, B might also try to browse www.python.org, and F might
translate B's address to 192.168.50.6. Or, F could translate B's
address to the same 192.168.50.5 address to which A's was translated,
in which case F would have to keep state information in order for
returning packets to make their way back to the proper destination (A
or B).
What I've explained above is greatly simplified in the interest of
space. For a more in-depth explanation of NAT, go to
http://www.itp-journals.com/Network_address_translation_NAT_page1.htm.
> Has anyone else had this problem? (Is it indeed a mailman issue?)
It is not a Mailman issue per sé. Mailman only works in conjunction
with an MTA (mail transport agent) and an HTTP server. If NAT is
properly configured so that SMTP and HTTP pass to the proper
destinations, Mailman should work. From what you described, it sounds
like the problem is on the government agency's end.
Kyle
More information about the Mailman-Users
mailing list