Hacker News new | ask | show | jobs
by rand_r 689 days ago
Because of NAT, it’s actually “IP + Port#” that is globally unique, and ultimately associated with a single physical network interface on a device (e.g an ethernet port on a PC).

There’s exceptions like broadcast IPs, but the point is that it is a system for uniquely locating devices and listening OS processes with IDs routinely shifting around.
1 comments
vel0city 689 days ago
> it’s actually “IP + Port#” that is globally unique

So which globally unique box is 192.168.1.1:443? Can you point to exactly one device out there with that IP:PORT combo? There's probably hundreds of millions of that IP:Port combination currently running and listening.

Which globally unique box is 8.8.8.8:53? You think there's seriously just one network adapter listening for traffic at 1.1.1.1:53? These aren't "broadcast IPs".

https://en.wikipedia.org/wiki/Broadcast_address

And even then, "ultimately associated with a single physical network interface on a device" isn't correct either. You can have multiple physical interfaces listening on the same IP and end up with the same ports.

https://en.wikipedia.org/wiki/Link_aggregation

link
rand_r 689 days ago
Well the 192 case would probably have an external IP + Port uniquely mapped to it in the router’s NAT table. I think you’re missing the larger point though. No one said IPs are exclusively used as GUIDs. Just that they are used as GUIDs, which they are in the majority of cases, and those GUIDs are re-assigned over time.

My Macbook Pro currently has unique IP + Port, associated with a single process listening to it over NAT and packets you send are routed to its network interface. Next week, someone else’s laptop could have that same IP + Port. That’s the main idea here, not these exceptions.

link
vel0city 689 days ago
> would probably have an external IP + Port uniquely mapped to it in the router’s NAT table.

Only on really crappy NAT implementations. My home router can have hundreds of thousands of NAT states, and yet there are only ~61k high number ports. How do you think that works?

Because it is not just "external IP at this port goes to this LAN host". Its the whole session information, SRC_PORT, DEST_PORT, SRC_IP, DEST_IP, all get figured into it.

At this moment there are several NAT states in my home router that share the same public IP:PORT combination, going to different LAN IP:PORT combinations.

An IP address is not globally unique. An IP:PORT is not globally unique. Treating them as globally unique shows a misunderstanding of networking concepts. They're often unique to a single host, but that's not a requirement.

Once again, do you really think there's a single network adapter out there that has 8.8.8.8:53?

link