Introduction to the basic principles of NAT and Its Relationship with VoIP

This is the second topic in the NAT traversal series of VoIP communications,

Nat is a technology that overwrites the source IP address or/or destination IP address when an IP group passes through a router or firewall, this technology is widely used in private networks with multiple hosts but only one public IP address accessing the Internet. In the middle of 1990s, Nat emerged as a solution to address IPv4 address shortage to avoid difficulties in retaining IP addresses. Routers in homes and small offices are generally integrated with firewalls, DHCP servers, and Nat functions.
NAT traversal is widely used in P2P communication. In the video conferencing process, NAT traversal also plays a crucial role in Intranet and Internet message communication, NAT traversal of signaling or multimedia streams may exist between platform servers, between participating terminals, and between platform servers and participating terminals.

People who have learned about Nat principles should know four similar Nat methods. Most people may not be very clear about the specific details of each type. The following is a simple understanding:

Nat can be divided into four types: Full taper, address restriction, port restriction, and symmetric Nat.

Full taper:

This type of NAT is the simplest and most insecure. Its basic principle is:

Nat machine a accesses the external network B through the NAT device. Nat allocates a ing from the source port of machine A to the external port, any external machine can send data packets to the external port opened by the NAT device, regardless of whether the data packets come from the B address, that is why this type of NAT is not installed.

Restricted address type:

This type of NAT is more secure than the full cone. We know that any external machine in the full cone Nat can send data packets to the internal device A through the external ing port, address-restricted Nat only allows sending data packets from Device B to the external ing port, but does not limit the data packets sent from Port B.

Port restricted type:

This type of NAT adds port B restrictions based on address-restricted Nat. Address-restricted Nat limits the address of B, and port-restricted Nat adds port B restrictions,

That is to say, the NAT device forwards data packets sent from B address and A to B as the source port to internal.

Symmetric NAT:

This type of NAT is different from the above three types. When the same internal host uses the same port to communicate with the external host with different addresses, nat ing for the internal host is different. Symmetric Nat does not guarantee the consistency between the private and public IP addresses in all sessions. On the contrary, it allocates a new port number for each new session. As a result, when both devices are symmetric Nat, the client following it cannot implement P2P communication and must use a transit device.