> The same way any standard network switch is (they internally keep a mapping of... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

cesarb 26 days ago | parent | context | favorite | on: How NAT Traversal Works (2020)

> The same way any standard network switch is (they internally keep a mapping of IP to MAC address of connected devices based of ARP packets, which incidentally blocks certain types of address spoofing, but nobody calls a network switch a firewall).

I thought standard network switches kept a mapping of MAC address to physical network ports, and didn't concern themselves with the IP layer at all (other than things like IGMP/MLD snooping)? Mapping from IP to MAC addresses is a function of hosts/gateways, not switches.

yencabulator 26 days ago [–]

Lots of switches filter out ARP responses that would change the destination of traffic to preexisting clients.

For example: https://www.arubanetworks.com/techdocs/AOS-S/16.10/ASG/YAYB/...

Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact