0

We are using TCP Simultaneous Open for connecting TCP socket. Lets call one SideA and other SideB.

From the wireshark log I see that first two SYN sent from SideB is blocked by SideA NAT. Then SideA sends SYN and it is received by SideB and it responds with [SYN,ACK]. After receiving this [SYN,ACK] SideA sends ACK. But this doesn't reach SideB. Why is that? Why is the NAT of SideB not allowing the ACK to come through?

Both side has Full Cone NAT. SideA port is 52088 and SideB port is 56961. I am adding wireshark log links for both sides.

SideA

SideB

SideA Router: TPLINK, Model: TLMR3420

I don't know about the router of SideB. But it was AT&T wifi.

Improve this question
4
  • It's very difficult to get TCP simultaneous open to work through NAT.
    – David Schwartz
    Commented Jan 25, 2016 at 9:53
  • Yes. In case of PRC/FC NAT I am mostly successful. But in case of Symmetric its impossible. But here is a scenario where its failed between two FC NATs. Its strange why the ACK is not being let through!
    – Tahlil
    Commented Jan 25, 2016 at 12:33
  • Likely it's because the NAT also has some firewall capability that considers this suspicious/abnormal.
    – David Schwartz
    Commented Jan 25, 2016 at 12:35
  • But the thing is it allowed the SYN from other side. I thought NAT puts much more restriction for incoming SYN. But as the SYN was allowed and it has already sent a SYN to the other side so it should allow the ACK for that sent SYN.
    – Tahlil
    Commented Jan 26, 2016 at 3:05

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .