IRC Logs

Network: freenode Channel: #cisco

	Enter your search terms Submit search form
	Web www.irclog.org

[21:50]<j->any idea why nat-t is required and what does it have to do with tcp/udp checksums on ipsec? the nat device doesnt touch the internals udp/tcp headers anyway and the checksum remains the same so what does it have to do with anything
[21:50]<fjzvxnz-wjzc>i love bacon
[21:50]<vz2ufzzzsz>damn straight!
[21:50]<fjzvxnz-wjzc>i could eat bacon every day and not get tired of it
[21:50]<vz2ufzzzsz>yeah, i would, if it wouldnt kill me
[21:51]<bsdrgdjg>nemith: uhh.. no ham is ham
[21:51]<bsdrgdjg>bacon is bacon
[21:51]<bsdrgdjg>two different things
[21:51]<fjzvxnz-wjzc>o-: IPSEC packets have protocol-specific information coded into the payload
[21:51]<vz2ufzzzsz>"they all come from the same animal, dad"
[21:51]<bsdrgdjg>haha
[21:51]<j->loather-work how does it answer my question
[21:51]<vz2ufzzzsz>"sure lisa, a MAGIC animal"
[21:51]<fjzvxnz-wjzc>o-: so NAT-T rewrites that information so the ends will still have connectivity
[21:51]<msxjv>Nobbie, I wish I would've saved all of that stuff from a few years back.. but I've washed my hands of it ( the HP stuff )
[21:52]<vz2ufzzzsz>i played with a 4000M yesterday
[21:52]<j->loather youre talking about 'protocol-specific information' inside the encapsulated payload?
[21:52]<j->or about the esp header?
[21:52]<vz2ufzzzsz>menu driven cli... ugh
[21:52]<fjzvxnz-wjzc>the ESP header
[21:52]<gndyvx>BSDaemon: tastes just like ham to me
[21:52]<j->loather well so the internal ip/{tcp/udp/whatever} is remained untouched
[21:52]<bsdrgdjg>really?
[21:52]<j->how their checksum got to do with anything?
[21:52]<bsdrgdjg>you must get SHITTY bacon
[21:52]<bsdrgdjg>if it tastes like ham
[21:53]<sulnzo>Start with make a plan about the VLAN between Malmö and Stockholm.
[21:53]<sulnzo>Create VLAN and configure ports for respective VLAN. You need only write
[21:53]<sulnzo>which ports which belongs the VLAN and no configureations on the switch.
[21:53]<msxjv>lunch time imo
[21:53]<gndyvx>BSDaemon: well i buy american bacon
[21:53]<bsdrgdjg>my condolences
[21:53]<gndyvx>i am talking about candian bacon
[21:53]<j->loather?
[21:53]<sazdn>canadian bacon, also known as back bacon, is just fried ham
[21:54]<bsdrgdjg>yes
[21:54]<bsdrgdjg>back bacon, sure
[21:54]<bsdrgdjg>you didnt say back bacon
[21:54]<gndyvx>yeah
[21:54]<bsdrgdjg>you said bacon
[21:54]<sazdn>i was translating
[21:54]<gndyvx>candian bacon
[21:54]<ald>no, you did!
[21:54]<bsdrgdjg>uh huh
[21:54]<gndyvx>at least what we call it in the states
[21:54]<gndyvx>yes the same as back bacon
[21:54]<fjzvxnz-wjzc>o-: NAT-T is strange. it rewrites that ESP header to have "wrong" information so the other end of the tunnel knows where to route packets back
[21:54]<sulnzo>BSDaemon: help
[21:55]<bsdrgdjg>ive never heard of 'canadian bacon' so i guess thats why i was confused.
[21:55]<bsdrgdjg>i assumed you meant bacon from canada
[21:55]<gndyvx>ah yeah
[21:55]<gndyvx>no
[21:55]<sazdn>and that is why i offered my translating services being american-canadian
[21:55]<bsdrgdjg>ah, gotcha.
[21:55]<fjzvxnz-wjzc>o-: the NAT device should have a translation open already for that packet, so it should flow back to the right place.
[21:55]<gndyvx>BSDaemon: so now you can order your pizza from dominos correctly :)
[21:56]<sazdn>im awaiting my damned pizza from dominos
[21:56]<sazdn>its been an hour
[21:56]<vz2ufzzzsz>wha??
[21:56]<fjzvxnz-wjzc>call them
[21:56]<vz2ufzzzsz>no joke
[21:56]<fjzvxnz-wjzc>they have a 30 minute guarantee or something
[21:56]<gndyvx>nah
[21:56]<bsdrgdjg>nemith: how so? if i ask for bacon ill get ham?
[21:56]<fjzvxnz-wjzc>you'll get free pizza out of that
[21:56]<sazdn>Not in canadia
[21:56]<gndyvx>they get rid of that
[21:56]<fjzvxnz-wjzc>oh, did they?
[21:56]<fjzvxnz-wjzc>lame
[21:56]<gndyvx>most of my pizza's from dominos take at minumum 45 minutes
[21:56]<gndyvx>and i live 2 blocks from them
[21:56]<fjzvxnz-wjzc>i got one from round table
[21:56]<ald>and they suck
[21:56]<fjzvxnz-wjzc>it took 45 minutes
[21:57]<vz2ufzzzsz>wow, mine take like 30 minutes and i live 3 miles from
[21:57]<fjzvxnz-wjzc>and it's walking distance from my house
[21:57]<gndyvx>BSDaemon: if you get candanian bacon you get ham
[21:57]<fjzvxnz-wjzc>i'm just a lazy bastard and didn't want to go fetch
[21:57]<bsdrgdjg>oh
[21:57]<bsdrgdjg>i wouldnt ask for canadian bacon
[21:57]<bsdrgdjg>if i want bacon id ask for bacon. if i wanted ham id ask for ham
[21:57]<bsdrgdjg>so id never come across that situation where i dont get what i was hoping to get
[21:57]<sazdn>that is different
[21:58]<gndyvx>BSDaemon: well i hope you starve
[21:58]<gndyvx>:P
[21:58]<sazdn>if you ask for 'ham' you'll get cured ham
[21:58]<gndyvx>right
[21:58]<fjzvxnz-wjzc>cured ham is good
[21:58]<bsdrgdjg>whats cured ham?
[21:58]<sazdn>but it isnt back bacon
[21:58]<fjzvxnz-wjzc>i don't know if i would want cured ham on pizza though
[21:58]<gndyvx>and they aren't going to know what the hell back bacon is
[21:58]<bsdrgdjg>okay
[21:58]<bsdrgdjg>so if i want ham, i ask for canadian bacon?
[21:58]<gndyvx>BSDaemon: i am doing you a public service here
[21:58]<gndyvx>:P
[21:58]<j->loather so ike over tcp has nothing to do with nat
[21:58]<j->there is no reason to use ike over tcp?
[21:59]<gndyvx>while trying yo give you a hard time
[21:59]<vz2ufzzzsz>heh

Back to #cisco
Or go to some related logs:
#gentoo
#php
#iptables
#debian
#css