Network Address translation: Nat principle

Principle: By converting the source address or destination address to achieve

Implementation method: According to the number of public IP

#静态转换: One-to-one, often used for internal server publishing

#动态转换: Many to many, intranet access to the extranet

#端口多路复用: A public IP corresponding to a number of private IP, for intranet access extranet

"PAT: Port Multiplexing"

Principle: Differentiate internal paths by port number

Function: Implement multiple internal hosts sharing an IP internet

1, can use intranet to access the external network

2, the internal server can be published to the external network

"Port Mappings"

Multiple internal servers are published via a public IP

First, NAT overview

NAT (network address translation), convert private address to public address, alleviate IP address deficiencies, and hide private address of internal server

(1), the concept of NAT and the realization method

1, Nat overview

NAT automatically modifies the source IP address or destination IP address in the IP header, and the IP address is automatically completed during NAT processing

Some applications embed the source IP address in the data portion of the IP packet, so you also need to modify the data portion to match the modified source IP address in the IP header, otherwise the application that has the IP address embedded in the data part of the package does not work properly

2. The realization method of NAT

"Static transformations, statically translation"

Converts the private IP address of the internal network to a publicly valid IP address

The correspondence of the IP address is one-to-one, and is invariant

"Dynamic conversion, dyanmic translation"

Converts the private IP address of the internal network to a publicly valid IP address

The corresponding header system of IP address is indeterminate and random.

Dynamic transformations are also one-to-one conversions, so you can use dynamic conversions only if the internal network has fewer hosts than the IP addresses in the configured legal address set

"Port multiplexing, ports address Translation,pat"

Change the source IP address and the source port of the outgoing packet and port conversion, that is, the port address translation using this method

All hosts of the internal network can share a legitimate external IP address to achieve Internet access, so as to maximize the savings of IP 10 resources

The most commonly used in the network is the way of port multiplexing

(2), NAT terminology and conversion table