Monday, February 14, 2011

NAT (Network Address Translation)

NAT (Network Address Translation) is a WAN access technology that converts private (reserved) addresses into legitimate IP addresses. It is widely used in all kinds of Internet access and in many types of networks. The reason is simple: NAT not only neatly solves the problem of insufficient IP addresses, but can also effectively ward off attacks from outside the network by hiding and protecting the computers inside it.
Network address translation (NAT) introduction
Although NAT can be implemented with the help of some proxy servers, in many cases it is implemented on a router, for reasons of operating cost and network performance.
As the number of computers connected to the Internet keeps surging, IP address resources are becoming increasingly scarce. In fact, apart from the China Education and Research Computer Network (CERNET), ordinary users can hardly obtain an entire Class C block of IP addresses. With other ISPs, even large LAN users with hundreds of computers are assigned only a few, or a dozen or so, IP addresses when they apply. Obviously, so few IP addresses cannot meet the needs of network users, and this is how NAT technology arose.
1. NAT overview
With NAT, when a host on the "internal" network that uses private (reserved) addresses sends a packet through the router, the private address is converted to a legitimate IP address. A LAN needs only a few IP addresses (even just 1) to meet all the communication needs between its privately addressed computers and the Internet.
NAT automatically modifies the source IP address and destination IP address of IP packets, and IP address verification is performed automatically during NAT processing. Some applications embed the source IP address in the data portion of the IP packet, so the packet data must be modified at the same time to match the modified source IP address in the IP header. Otherwise, applications that embed IP addresses in the packet data cannot work properly.
2. NAT implementation
NAT can be implemented in 3 ways: static translation (Static NAT), dynamic translation (Dynamic NAT), and port multiplexing.
Static translation converts a private IP address of the internal network into a public IP address on a one-to-one, fixed basis: a given private IP address is only ever converted to one particular public IP address. Static translation makes it possible for the external network to access specific devices in the internal network (such as servers).
Dynamic translation converts private IP addresses of the internal network into public IP addresses where the mapping is not fixed but random: every private IP address authorized to access the Internet can be converted at random to any of the designated legitimate IP addresses. That is, as long as you specify which internal addresses may be translated and which legitimate addresses are used as external addresses, translation can take place dynamically. Dynamic translation can use a set of several legitimate external addresses. When the ISP provides slightly fewer legitimate IP addresses than there are computers inside the network, dynamic translation can be used.
Port multiplexing changes the source port of outgoing packets and performs port translation, that is, Port Address Translation (PAT). With port multiplexing, all hosts on the internal network can share one legitimate external IP address to access the Internet, which saves as many IP addresses as possible. At the same time, it hides all the hosts inside the network and effectively avoids attacks from the Internet. For these reasons, port multiplexing is the method most widely used in networks today.
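The port multiplexing behaviour described above, as an added Python model that is not part of the original post: two internal hosts share one public address, replies are mapped back through the translation table, and inbound packets with no matching entry are dropped. The class name, the starting port and all addresses are constructed for illustration.

```python
# Added illustration of port multiplexing (PAT); all addresses are constructed samples.
from itertools import count


class PatRouter:
    """Minimal model of a PAT device sharing one public IP among internal hosts."""

    def __init__(self, public_ip, first_port=20000):
        self.public_ip = public_ip
        self._ports = count(first_port)  # next unused public source port
        self.out_map = {}  # (proto, private ip, private port) -> public port
        self.in_map = {}   # (proto, public port) -> (private ip, private port)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving through the outside interface."""
        key = (proto, src_ip, src_port)
        if key not in self.out_map:  # first packet of a flow: create the mapping
            pub_port = next(self._ports)
            self.out_map[key] = pub_port
            self.in_map[(proto, pub_port)] = (src_ip, src_port)
        return (proto, self.public_ip, self.out_map[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the destination of a packet arriving from outside.
        Returns None (drop) when no internal host created a matching mapping.
        Simplification: the mapping is not tied to the remote endpoint."""
        if dst_ip != self.public_ip:
            return None
        target = self.in_map.get((proto, dst_port))
        if target is None:
            return None
        return (proto, src_ip, src_port, target[0], target[1])


def demo():
    nat = PatRouter("203.0.113.5")
    server = ("198.51.100.7", 443)
    a = nat.outbound("tcp", "192.168.1.10", 51000, *server)
    b = nat.outbound("tcp", "192.168.1.11", 51000, *server)  # same private port, other host
    reply_to_b = nat.inbound("tcp", *server, nat.public_ip, b[2])
    unsolicited = nat.inbound("tcp", "198.51.100.99", 4444, nat.public_ip, 3389)
    return a, b, reply_to_b, unsolicited


if __name__ == "__main__":
    for row in demo():
        print(row)
```

The external server only ever sees the shared public address with two different source ports, and the unsolicited packet is dropped because no translation entry exists for its destination port.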
3. Network address translation (NAT) realization
Before configuring network address translation, we must first identify the internal interface and the external interface, and decide on which external interface NAT is to be enabled. Normally, the interface connected to the user's internal network is the NAT internal interface, and the interface connected to the external network (such as the Internet) is the NAT external interface.
