Comment 354 for bug 417757

In , ayourtch (ayourtch-redhat-bugs) wrote :

With my protocol purist hat on, I agree with Ulrich that it is a pure bug in the middleboxes, whatever they are - but the practicalities make this tougher to get in if the same queries are sent in the bangbang manner over the same four-tuple. OTOH, the separate ports suck by doubling the state on the "dumb NAPT" boxes in the middle. But other than that (and the added PITA of handling two sockets) - Ulrich/Jakub, are there any obstacles why this is bad, besides the extra code to deal with 2 sockets on the client side?

With the practical hat on, having the queries originate from different ports should be very practical. Of course, there are "dumb NAPTs", but there the issue is mostly the CPU spent, while for the stateful boxes those would be some significant changes in the code, if they were not coded with the assumption that there can be parallel outstanding requests over the same 4-tuple.

Of course I'd be biased to have this fixed in the middleboxes, but the trouble is that some customers will be in a different administrative domain than the middleboxes - so it's gonna be very challenging for them.
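
The trade-off discussed in this comment, as an added toy model that is not part of the original comment or of any resolver or middlebox code: two back-to-back queries over one 4-tuple versus one source port per query. The `OneShotMiddlebox` class, the addresses, ports and transaction IDs are constructed, and the box's behaviour (one state entry per 4-tuple, removed on the first reply) is an assumption about a box that was not written for parallel outstanding requests.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src sport dst dport txid qtype")
CLIENT, SERVER = "192.0.2.10", "198.51.100.53"  # constructed documentation addresses

class OneShotMiddlebox:
    """Assumed model: one state entry per UDP 4-tuple, removed on the first reply."""
    def __init__(self):
        self.state = set()
        self.peak_entries = 0

    def outbound(self, pkt):
        self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        self.peak_entries = max(self.peak_entries, len(self.state))

    def inbound(self, pkt):
        # A reply carries the query's 4-tuple reversed.
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.state:
            return False          # no matching state: the reply is dropped
        self.state.discard(key)   # box assumes one outstanding request per 4-tuple
        return True

def reply_to(q):
    return Packet(q.dst, q.dport, q.src, q.sport, q.txid, q.qtype)

def resolve(box, sports):
    """Send A and AAAA queries back to back from the given source ports and
    return the query types whose replies make it through the box."""
    queries = [Packet(CLIENT, sp, SERVER, 53, txid, qt)
               for sp, txid, qt in zip(sports, (0x1A2B, 0x1A2C), ("A", "AAAA"))]
    for q in queries:
        box.outbound(q)
    return [q.qtype for q in queries if box.inbound(reply_to(q))]

def demo():
    same, split = OneShotMiddlebox(), OneShotMiddlebox()
    return {
        "same_port": (resolve(same, (40000, 40000)), same.peak_entries),
        "two_ports": (resolve(split, (40000, 40001)), split.peak_entries),
    }

if __name__ == "__main__":
    for name, (delivered, entries) in demo().items():
        print(f"{name}: replies delivered={delivered}, peak state entries={entries}")
```

With a shared port the second reply finds no state and is lost; with two ports both replies arrive, at the cost of twice the state entries on the box.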