NAT Classification and pros and cons

NAT is an address translation technique that works on routers where the internal network is able to access the Internet via NAT to an external network, and a NAT-installed router is called a NAT router.

Because the current IP address is scarce and does not meet the luxury of one person (a,b,c Class) IP address, Nat solves this problem, but it also has its pros and cons.

There are three ways to implement NAT , namely static translation of the statically NAT, dynamic translation of the dynamically Nat, and Port multiplexing overload.

1> Static conversion refers to the conversion of the private IP address of the internal network to a public IP address, the IP address pair is one-to-one, is immutable, a private IP address is only converted to a public IP address. With static transformations, external networks can access certain devices (such as servers) in the internal network.

2> Dynamic conversion refers to the conversion of the private IP address of the internal network to the public IP address, the IP address is indeterminate, is random, all authorized access to the Internet private IP address can be randomly converted to any specified legitimate IP address. That is, you can convert dynamically whenever you specify which internal addresses can be converted, and which legal addresses are used as external addresses. Dynamic transformations can use multiple legitimate sets of external addresses. When the ISP provides a legitimate IP address that is slightly less than the number of computers inside the network. You can use the dynamic conversion method.

3> Port Multiplexing (ports addressTranslation,pat) refers to changing the source port of an out-of-Office packet and port conversion translation). Use port multiplexing. All hosts on the internal network can share a legitimate external IP address to enable access to the Internet, thereby maximizing the savings in IP address resources. At the same time, can hide all the hosts inside the network, effectively avoid attacks from the Internet. Therefore, the most application in the network is the port multiplexing method.

The NAT works as shown;

650) this.width=650; "src=" http://up.2cto.com/2013/0927/20130927020920897.jpg "width=" 696 "height=" 161 "alt=" 20130927020920897.jpg "/>

Advantages and disadvantages of NAT:

Advantages:

1>: Because NAT has an external address and an internal address, it has a certain protective effect on the host.

2>: He solved the current tense situation of IP address.

3>: Broadband sharing, which is the biggest function of Nat.

Limitations:

(1) Nat violates the design principle of the IP address structure model. The basis of the IP address structure model is that each IP address identifies a connection to a network. The software design of the Internet is built on this premise, and Nat makes it possible for many hosts to use the same address, such as 10.0.0.1.

(2) NAT causes the IP protocol to become connection-oriented from a non-connection. NAT must maintain a mapping between a private IP address and a public IP address and a port number. In the TCP/IP protocol architecture, if a router fails, the execution of the TCP protocol is not affected. Because the reply is not received in a few seconds, the sending process enters the time-out retransmission process. When NAT is present, the initial design of the TCP/IP protocol process changes and the Internet can become very vulnerable.

(3) Nat violates the design principle of the basic network hierarchical structure model. Because in the traditional network hierarchy model, the nth layer cannot modify the header content of the n+1 layer. Nat destroys the principle of independence for each layer.

(4) Some applications are inserting IP addresses into the content of the body, such as the standard FTP protocol and the IP phone protocol. If NAT works with this type of protocol, then the NAT protocol must be properly corrected. At the same time, the transport layer of the network may also use protocols other than TCP and UDP, then the NAT protocol must be known and modified accordingly. Because of the existence of NAT, it makes it difficult to realize the peer application, because the peer to file sharing and voice sharing are based on the IP protocol.

(5) Nat also has an impact on high-level protocols and security. The RfC has discussed the problems of Nat. The opponents of Nat argue that this temporary mitigation of IP address shortages has delayed the process of Ipv6 migration without addressing deep-seated problems that they consider undesirable.

This article is from the "Traces" blog, be sure to keep this source http://wpfbcr.blog.51cto.com/10696766/1773647

NAT Classification and pros and cons