Figure 5-1 shows the network structure and composition of a basic NAT application. The key role is played by the network device that provides the NAT service. This is generally a router, but it can also be another layer-3 device, such as a layer-3 switch or a firewall. It connects both the intranet and the Internet through two interfaces. The internal network (Inside Network) is the user's current network, usually the user's private LAN, while the external network (Outside Network) refers to all networks other than the internal network, generally the Internet.
Figure 5-1 Basic Structure of the NAT application topology
The following terms are closely related to Cisco NAT technology. They are very important for understanding how NAT works.
1. Network Classification
An "internal network" usually refers to an edge LAN that uses private internal IP addresses. It can also use registered public IP addresses, but non-registered private IP addresses are more common. All computers that use non-registered IP addresses must go through NAT translation before they can communicate with other networks. If a host that uses a registered public IP address is in an internal LAN isolated by a router, it also requires NAT translation before it can be used for external access. Therefore, the IP addresses of the internal network must be translated by the router's NAT to access the external network.
An "external network" is a network other than the local private network. In NAT applications, the Internet is the most common external network. External networks can also be other private networks, such as when two local networks are connected through routers. So users on the external network can use either registered or non-registered IP addresses.
Experience: in fact, "internal network" and "external network" are only relative definitions. They are relative to your current network; if you switch to the other network and configure from there (when the router connects two local networks), the internal and external network roles will change.
2. IP address classification
In NAT, apart from the two network types above, IP addresses are also classified according to private network, public network, inbound traffic, and outbound traffic.
IP addresses can be divided into two categories: "local address" (Local Address) and "global address" (Global Address).
A "local address" is an IP address used inside a local network, which can be the internal network or the external network. It is valid only on the local network and cannot be used directly to access the external network; it cannot be routed. This is the meaning of the word "local". As mentioned above, both unregistered private IP addresses and public IP addresses can be used in the internal network, so a local address can be either a non-registered IP address used by a private network or a registered IP address used by a public network, but it is usually a private IP address.
Because the NAT device is connected to both the internal and external networks, there are two types of local addresses. One is the internal local address (Inside Local Address) for the internal network; the other is the external local address (Outside Local Address) for the external network.
Internal local address (Inside local address)
An internal local address is the IP address assigned to an internal network host. This IP address is assigned by the computer's operating system or by a service such as DHCP. It can be a private non-registered IP address used only by the internal LAN, or a registered IP address uniformly allocated by the ISP, but in either case it is used in the internal network. Generally, it is a non-registered IP address.
External local address (Outside local address)
This is the other type of local address. It is the same as the internal local address, except that it is assigned to an external network host. This IP address is allocated by the computer's operating system or by a service such as DHCP. It can be a private non-registered IP address used only by an internal LAN, or a registered IP address uniformly allocated by the ISP. It usually refers to the non-registered IP address used by the private network.
Experience: the "internal local address" and "external local address" mentioned here are not the IP addresses of the router interfaces that connect to the internal and external networks; they are the IP addresses assigned to devices in the internal and external networks. This point must be clear.
The "global address" is the IP address corresponding to the local address. It is the IP address that a local address in the internal or external network is converted to, and it can be routed. Here we need to understand the concept of "global". In fact, it refers to the IP address of a transitional network set up between the intranet and the Internet. Both internal and external networks need to convert the local address into a global address before communicating with the peer network. Because a NAT router can connect a LAN to the Internet but can also connect two LANs, the global address can be either a registered public IP address or a non-registered private IP address. However, NAT is primarily used to connect an internal LAN to the Internet, so the external network is generally the Internet and the global address is generally a registered public IP address.
Global addresses can also be divided into two categories: one is the internal global address (Inside global address), which the internal local address is converted to, and the other is the external global address (Outside global address), which the external local address is converted to.
Internal global address (Inside global address)
The "internal global address" is the IP address that the internal network host presents to external network users. It can be the IP address assigned to the interface connecting the router to the external network. It is the address that the internal local address is converted to. Generally, it is a registered IP address allocated by the ISP to the enterprise user's internal network, but it can also be a private IP address allocated by the service provider and registered locally. After NAT translation, for external networks, they act as one or more internal IP addresses to facilitate communication with the external network.
External global address (Outside global address)
The "external global address" is the IP address that the external network host presents to the internal network users. It can be the IP address assigned to the interface connecting the router to the internal network. It is the address converted from the external local address. It is usually the registered IP address allocated by the ISP to the enterprise user's internal network, but it can also be the private IP address allocated and registered by the service provider. After NAT translation, for external networks, they act as one or more external IP addresses to facilitate communication with the internal network.
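The relationship between internal local and internal global addresses described above, as an added example that is not taken from the book or from Cisco software. It models only the inside-source half of NAT with a small pool of internal global addresses; the class name, method names and all addresses (RFC 1918 and RFC 5737 documentation ranges) are constructed for illustration.

```python
from ipaddress import IPv4Address as IP, IPv4Network


class InsideSourceNat:
    """Toy model of inside-source NAT: internal local <-> internal global."""

    def __init__(self, inside_net, global_pool):
        self.inside_net = IPv4Network(inside_net)
        self.free = [IP(a) for a in global_pool]  # unused internal global addresses
        self.to_global = {}                       # internal local  -> internal global
        self.to_local = {}                        # internal global -> internal local

    def outbound(self, src, dst):
        """Inside -> outside: the source (internal local) becomes internal global."""
        src, dst = IP(src), IP(dst)
        if src not in self.inside_net:
            return (src, dst)                     # not an inside host: left untouched
        if src not in self.to_global:
            if not self.free:
                return None                       # pool exhausted: packet is dropped
            g = self.free.pop(0)
            self.to_global[src], self.to_local[g] = g, src
        return (self.to_global[src], dst)

    def inbound(self, src, dst):
        """Outside -> inside: the destination (internal global) becomes internal local."""
        src, dst = IP(src), IP(dst)
        local = self.to_local.get(dst)
        if local is None:
            return None                           # model assumption: no entry, no delivery
        return (src, local)

    def table(self):
        """Rows of (internal local, internal global), like a translation table."""
        return sorted((str(l), str(g)) for l, g in self.to_global.items())


def demo():
    # Constructed sample: private LAN, two internal global addresses, one outside host.
    nat = InsideSourceNat("192.168.1.0/24", ["203.0.113.10", "203.0.113.11"])
    sent = nat.outbound("192.168.1.5", "198.51.100.20")    # host talks to the outside
    reply = nat.inbound("198.51.100.20", "203.0.113.10")   # reply to the global address
    return sent, reply, nat.table()


if __name__ == "__main__":
    sent, reply, rows = demo()
    print("seen outside:", sent[0], "->", sent[1])
    print("seen inside: ", reply[0], "->", reply[1])
    print("translations:", rows)
```

The outside host only ever sees the internal global address; the internal local address appears again only after the router rewrites the destination of the reply.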
The above content is taken from the well-received "Router Configuration and Management Manual - Cisco".
This article is from the "Wang da blog" blog. For more information, contact the author!