Subject: Re: Network stuff
To: John Nemeth <jnemeth@cue.bc.ca>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: port-i386
Date: 06/21/1998 19:20:14

In some email I received from John Nemeth, sie wrote:
> On Jun 19, 11:38am, Manuel Bouyer wrote:
> } On Jun 19, John Nemeth wrote
> } >      There's another problem.  DNS usually uses UDP.  I don't see how
> } > that could work through NAT, unless the NAT implementation has special
> } 
> } No problem: request comes from 10.0.2.15/port xxxx to 205.216.36.20/port 53
> } Your NAT box will remap this to a request from <your ppp address>/port yyyy to
> } 205.216.36.20/port 53. The DNS will then send back answer from
> 
>      I realise how NAT works; but, since UDP is a connectionless
> protocol, sending and receiving don't need to have any kind of
> correlation.  Of course, for DNS to work, it would have to behave
> somewhat like a connection-oriented protocol (duh!).

It might be connection-less, but things like DNS could be said to
be transaction orientated and thus for a query sent out, a reply
back is expected.  It would therefore make a certain amount of sense
to cache information about the outgoing packet so that the reply to
it can be correctly sent to the origin of the query.  By definition
of how these services work, they expect the reply to their query to
be returned to the same port that it was sent out from.  A DNS server
which sends back replies to a random port on a given machine is not
going to serve any client applications well as they'd need to filter
all UDP packets to find the right one.
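
The caching described in the message above, as an added example that is not part of the original email and is not code from any NAT implementation: a toy UDP NAT table that records each outgoing query and only lets a reply back in if it matches a cached flow that has not timed out. The class name, the 30-second idle timeout, the starting port 40000 and the public address 192.0.2.1 are assumptions chosen for illustration.

```python
import time

class UdpNat:
    """Toy stateful UDP NAT: cache each outgoing packet so its reply can be routed back."""
    def __init__(self, public_ip, idle_timeout=30.0, port_base=40000, clock=time.monotonic):
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout   # assumed value; UDP has no close, so state must age out
        self.next_port = port_base         # simple counter, no wrap or exhaustion handling
        self.clock = clock
        self.out = {}    # (src_ip, src_port, dst_ip, dst_port) -> public port
        self.back = {}   # (public_port, dst_ip, dst_port) -> (src_ip, src_port, last_seen)

    def _expire(self):
        now = self.clock()
        for key, (ip, port, seen) in list(self.back.items()):
            if now - seen > self.idle_timeout:
                del self.back[key]
                del self.out[(ip, port, key[1], key[2])]

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite an outgoing packet; return the (ip, port) the remote server sees."""
        self._expire()
        flow = (src_ip, src_port, dst_ip, dst_port)
        pub = self.out.get(flow)
        if pub is None:
            pub = self.next_port
            self.next_port += 1
            self.out[flow] = pub
        self.back[(pub, dst_ip, dst_port)] = (src_ip, src_port, self.clock())
        return self.public_ip, pub

    def inbound(self, src_ip, src_port, dst_port):
        """Map a packet arriving on the public side to the internal host, or None to drop it."""
        self._expire()
        key = (dst_port, src_ip, src_port)
        entry = self.back.get(key)
        if entry is None:
            return None                    # no matching outgoing query: unsolicited, drop
        self.back[key] = (entry[0], entry[1], self.clock())
        return entry[0], entry[1]

if __name__ == "__main__":
    nat = UdpNat("192.0.2.1")              # constructed public address
    print(nat.outbound("10.0.2.15", 1025, "205.216.36.20", 53))   # query leaves
    print(nat.inbound("205.216.36.20", 53, 40000))                # reply is mapped back
    print(nat.inbound("198.51.100.7", 53, 40000))                 # other sender: dropped
```

Keying the return path on the remote address and port as well as the public port means a packet from any host other than the queried server is dropped, even if it hits the right port.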