[Fedora-directory-users] FDS behind NATed firewall

David Boreham david_list at boreham.org
Thu Jan 11 02:20:37 UTC 2007


One thing to watch when using software tunnels is that there was (is still?)
a bug in the LDAP protocol library underneath the server where if packets are
fragmented in strange and unnatural ways, the server just won't work properly
(it fails to decode the LDAP PDU header properly). This happens for example
if the tunnel software ends up sending only a few bytes of the beginning of a
PDU as a TCP segment. Basically you can send perfectly correct LDAP, but
fragmented in just the wrong way, and the server will not decode it correctly.
I'm not sure if this is a real issue any longer but thought it worth
mentioning.
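
The failure described above amounts to a decoder that expects the whole PDU header in a single read. As an added illustration (not code from this post or from the directory server), the framer below buffers until the BER tag and length octets are complete, so the same PDUs decode however the stream is segmented. The class name, the 1 MiB size cap and the two sample PDUs are constructed for this example.

```python
class LdapFramer:
    """Reassemble LDAPMessage PDUs from a TCP stream, whatever the segmentation."""
    MAX_PDU = 1 << 20  # assumed sanity cap on one PDU, not a server setting

    def __init__(self):
        self.buf = bytearray()

    def pdu_size(self):
        """Total PDU size in bytes, or None while the BER header is incomplete."""
        buf = self.buf
        if buf and buf[0] != 0x30:           # LDAPMessage is a BER SEQUENCE
            raise ValueError("stream does not start with a SEQUENCE tag")
        if len(buf) < 2:                     # need tag plus first length octet
            return None
        first = buf[1]
        if first < 0x80:                     # short form: length in one octet
            return 2 + first
        n = first & 0x7F                     # long form: n length octets follow
        if n == 0 or n > 4:
            raise ValueError("indefinite or oversized BER length")
        if len(buf) < 2 + n:                 # length octets split across reads
            return None
        length = int.from_bytes(buf[2:2 + n], "big")
        if length > self.MAX_PDU:
            raise ValueError("PDU exceeds size cap")
        return 2 + n + length

    def feed(self, chunk):
        """Append one read's worth of bytes; return every PDU now complete."""
        self.buf += chunk
        done = []
        while (size := self.pdu_size()) is not None and len(self.buf) >= size:
            done.append(bytes(self.buf[:size]))
            del self.buf[:size]
        return done

# Constructed sample PDUs: anonymous simple bind (long-form length) and unbind.
BIND = bytes.fromhex("30810c020101600702010304008000")
UNBIND = bytes.fromhex("30050201024200")

def decode_in_chunks(stream, size):
    """Feed the stream in fixed-size chunks, as a tunnel might segment it."""
    framer, out = LdapFramer(), []
    for i in range(0, len(stream), size):
        out += framer.feed(stream[i:i + size])
    return out

if __name__ == "__main__":
    for size in (1, 2, 3, len(BIND + UNBIND)):
        print(size, decode_in_chunks(BIND + UNBIND, size) == [BIND, UNBIND])
```

Replaying a captured client session through a test server at one-byte and two-byte segment sizes is a quick way to check whether a given server build still has the problem.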




