Network Address Translation (NAT) is access to wide area network (WAN) technology, is a kind of private (reserved) address into a valid IP address translation technology, which is widely used in various types of Internet access methods and various types of network. The reason is simple, NAT Bujin perfect solution to the problem of insufficient lP address, but also to effectively prevent external attacks from the network, hide and protect the internal network computer.
Although the NAT can be achieved by means of certain proxy servers, but taking into account the cost of computing and network performance, are often implemented in the router up.
As Internet access continues to surge in the number of computers, IP address resource will become even more stretched. In fact, in addition to the China Education and Research Network (CERNET), the general users are not eligible for almost the entire C-class IP address. In other ISP there, even with hundreds of large-scale local area network computer users, when they apply for IP addresses, the addresses assigned, but only a few or a dozen IP addresses. Obviously, such a small network IP address can not meet the needs of users, so will have a NAT technology.
l.NAT Introduction
With NAT, the private (reserved) address of the "internal" network to send packets through a router, private addresses are converted into valid IP addresses, simply use a small amount of a local area network IP address (or even one) can be realized private address all computers within the network and the Internet's communications needs.
NAT will automatically modify the IP packet's source IP address and destination IP address, Ip address check process in the NAT is done automatically. Some applications will be embedded in the source IP address of IP packet data portion, so the same time, packets need to be modified to match the IP header has been modified source IP address. Otherwise, data packets were embedded IP address of the application will not work.
2.NAT way to achieve
Implementation of NAT There are three ways, namely, static transfer Static Nat, dynamic conversion Dynamic Nat and port multiplexing OverLoad.
Static Transfer refers to the internal network's private IP addresses to public IP addresses, IP addresses is one to one, is in stone, a private IP address is converted to a public IP address. With static transfer can be achieved on the internal network, external network specific device (such as servers) access.
Dynamic conversion refers to the internal network's private IP addresses to public IP address, IP address is uncertain, is random, all authorized to access the private IP address on the Internet can be converted to any given random legal IP address. That is, as long as the internal address can specify what conversion, and with what legal address as the external address to connect the dynamic conversion. Dynamic conversion can use multiple legal external address set. When the ISP to provide slightly less than the legitimate IP address within the network when the number of computers. Dynamic conversion method can be used.
Port address Translation (PAT) is to change the source port of packets to go out and make port translation, the PAT (Port Address Translation). By way of the port multiplexer. All hosts within the network can share a single external IP address to achieve the legitimate Internet access, which can save IP addresses to maximize resources. At the same time, but also hides all the hosts within the network, effectively prevent attacks from the internet. Therefore, it is the most widely used network is the port multiplexing way.
No comments:
Post a Comment