What happens if two local systems download the same resource on the same port?

I'm aware of the NAT table. I just want to know what happens if two clients in a private local area network want to download exactly the same resource on the same port. In other words, when a packet comes from the server, how can the router decide which client is supposed to get this packet?

If I'm not wrong, the incoming packet from the server has the destination IP address of the router, which is public and is the same for both, and also the destination port number, which happens to be the same as well in this case.

Is there any mechanism in the router or server to detect this? Or is this behavior even possible in the first place?

I've searched for questions like this, where it makes sense that the error is raised because the port is busy, but I'm asking about two separate systems.


Update: From the comments I realized that I wasn't clear enough, so let me say it again with an example:

I just care about the devices' "source" port. Assume I have two laptops (192.168.2.10 and 192.168.2.11), both of them downloading the same file from the same server somewhere on the internet. Each of them has an operating system which generates a random port, so the source IP and source port would be something like 192.168.2.10:6321 and 192.168.2.11:7132. I thought that in NAT, the router will set its (public) IP address along with the ports from the laptops, so if the public IP address of the home router is 65.82.23.32, these two packets will get these source IPs and source ports respectively: 65.82.23.32:6321 and 65.82.23.32:7132.

Now when the response gets back, the router can figure out which packet is for which laptop from the port numbers, right? So far so good. But what happens if, accidentally or intentionally, the two laptops generate exactly the same source port? For example: 192.168.2.10:6000 and 192.168.2.11:6000. Now the router will set its public IP address as the source IP address just as before, but if it tries to use those port numbers, those packets will have exactly the same source IP and source port number, like 65.82.23.32:6000 and 65.82.23.32:6000.

This is where I got confused: when the response comes back, how can the router decide which packet is for which laptop?

After @mfinni's answer, I noticed that this is not how PAT works! The NAT device (here the router) will assign unique ports to each individual laptop (private IP address), then the packets are sent out with these unique ports (for example 7777 and 7778). So when the response gets back, it's clear which packet is for which laptop from the ports; the router will then convert 65.82.23.32:7777 and 65.82.23.32:7778 to 192.168.2.10:6000 and 192.168.2.11:6000 respectively.


Solution 1:

A TCP connection (which underlies HTTP and many other protocols) is uniquely (at a given point in time) defined by 4 parameters:

  • The local IP
  • The local port
  • The remote IP
  • The remote port

Even if you make the same request twice simultaneously from the same computer, even with the two IP addresses identical and the destination port identical, the source port will be different.

Likewise, if you have two requests coming from two devices going through the same NAT device, the NAT device will use different source ports. Depending on the device, it may either keep the original source ports (and only change one if there's a conflict), or always assign a new source port independently of the original source port.

The NAT device will then keep for each connection a mapping in its translation table which states that external connection (external IP, external source port, destination IP, destination port) is mapped to internal connection (internal host IP, internal host source port, destination IP, destination port).

Solution 2:

The NAT table knows that the source port on each client is different, so it won't accidentally send the wrong packet to the wrong internal client. The NAT device also assigns different outbound ports, and those are NOT the same between different internal clients.

Solution 3:

When you refer to NAT you are probably actually referring to NAPT, which changes the source port (at least if needed) in the NAT device. As such, the source port will change.

For example, iptables MASQUERADE.

When doing NAT in this case there is also a need for "connection tracking", which simply keeps track of which "external port" relates to which "internal client and port". In iptables you will often see the rule RELATED,ESTABLISHED which uses. You will also find that if a router that does NAPT is restarted, it will drop all connections, while a router without any NAT will usually just resume any connections (assuming that it completes the restart before the client times out).

Solution 4:

The router doesn't use the same source port number that the laptops generate in its outgoing requests to the WAN; it generates its own unique source ports. The NAT table in the router converts laptop1:6000 into publicip:N and laptop2:6000 into publicip:M. Then it knows where to route incoming packets by which port the traffic arrives on from the Internet.
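
A toy model of the translation table from Solution 1 (both port strategies) and the restart behaviour from Solution 3, added here as an example; it is not code from the answers or from any real router. The server address 203.0.113.5:443, the pool start 7777 and the names Napt and two_laptops are assumptions made for the illustration.

```python
# Added example: toy NAPT table (not code from any real router).
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (ip, port)
SERVER: Endpoint = ("203.0.113.5", 443)  # constructed server address


class Napt:
    def __init__(self, public_ip: str, preserve_port: bool, pool_start: int = 7777):
        self.public_ip = public_ip
        self.preserve_port = preserve_port  # keep the client's port when it is free
        self.next_port = pool_start         # assumed start of the router's own pool
        self.out: Dict[Tuple[Endpoint, Endpoint], int] = {}   # (client, remote) -> external port
        self.back: Dict[Tuple[int, Endpoint], Endpoint] = {}  # (external port, remote) -> client

    def _pick_port(self, wanted: int, remote: Endpoint) -> int:
        if self.preserve_port and (wanted, remote) not in self.back:
            return wanted
        while (self.next_port, remote) in self.back:  # skip ports already mapped
            self.next_port += 1
        if self.next_port > 65535:
            raise RuntimeError("external port pool exhausted")
        return self.next_port

    def outbound(self, src: Endpoint, dst: Endpoint) -> Endpoint:
        """Rewrite an outgoing packet's source; create the mapping on first use."""
        if (src, dst) not in self.out:
            port = self._pick_port(src[1], dst)
            self.out[(src, dst)] = port
            self.back[(port, dst)] = src
        return (self.public_ip, self.out[(src, dst)])

    def inbound(self, remote: Endpoint, ext_port: int) -> Optional[Endpoint]:
        """Return the internal client for a reply, or None (packet is dropped)."""
        return self.back.get((ext_port, remote))

    def restart(self) -> None:
        """A reboot empties the table, so existing connections stop matching."""
        self.out.clear()
        self.back.clear()


def two_laptops(preserve_port: bool):
    """Both laptops from the question pick source port 6000 at the same time."""
    nat = Napt("65.82.23.32", preserve_port)
    a = nat.outbound(("192.168.2.10", 6000), SERVER)
    b = nat.outbound(("192.168.2.11", 6000), SERVER)
    return nat, a, b
```

A reply is matched on the external port together with the remote endpoint, so a packet from an address that has no table entry returns None and reaches neither laptop.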