From 1d0a3b44023247d1887fe4674e5ce633189ae543 Mon Sep 17 00:00:00 2001 From: Mark Pizzolato Date: Thu, 29 Oct 2015 05:06:01 -0700 Subject: [PATCH] slirp: Describe NAT limitations in the attach help --- slirp_glue/sim_slirp.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/slirp_glue/sim_slirp.c b/slirp_glue/sim_slirp.c index 513e64b2..c8b9c869 100644 --- a/slirp_glue/sim_slirp.c +++ b/slirp_glue/sim_slirp.c @@ -404,7 +404,30 @@ fprintf (st, "%s", " NODHCP disables DHCP server\n" "Default NAT Options: GATEWAY=10.0.2.2, masklen=24(netmask is 255.255.255.0)\n" " DHCP=10.0.2.15, NAMESERVER=10.0.2.3\n" -" Nameserver defaults to proxy traffic to host system's active nameserver\n" +" Nameserver defaults to proxy traffic to host system's active nameserver\n\n" +"NAT limitations\n\n" +"There are four limitations of NAT mode which users should be aware of:\n\n" +" 1) ICMP protocol limitations:\n" +" Some frequently used network debugging tools (e.g. ping or tracerouting)\n" +" rely on the ICMP protocol for sending/receiving messages. While some\n" +" ICMP support is available on some hosts (ping may or may not work),\n" +" some other tools may not work reliably.\n\n" +" 2) Receiving of UDP broadcasts is not reliable:\n" +" The guest does not reliably receive broadcasts, since, in order to save\n" +" resources, it only listens for a certain amount of time after the guest\n" +" has sent UDP data on a particular port.\n\n" +" 3) Protocols such as GRE, DECnet, LAT and Clustering are unsupported:\n" +" Protocols other than TCP and UDP are not supported.\n\n" +" 4) Forwarding host ports < 1024 impossible:\n" +" On Unix-based hosts (e.g. Linux, Solaris, Mac OS X) it is not possible\n" +" to bind to ports below 1024 from applications that are not run by root.\n" +" As a result, if you try to configure such a port forwarding, the attach\n" +" will fail.\n\n" +"These limitations normally don't affect standard network use. But the\n" +"presence of NAT has also subtle effects that may interfere with protocols\n" +"that are normally working. One example is NFS, where the server is often\n" +"configured to refuse connections from non-privileged ports (i.e. ports not\n" +" below 1024).\n" ); return SCPE_OK; }