NAT Technology and Proxy Server

Source: Internet
Author: User

NAT (Network address translation): Works at the network layer and forwards the packets after the address is translated. Solve the network address is not enough, by hiding the local IP address to protect the network security.

NAT Router (the router that needs to load the NAT software), at least one valid external global IP address, All local address hosts (local IP addresses for all hosts in LAN 192.168.0.0) and extranet traffic are converted to a global IP address on the NAT router to be able to connect to the Internet.

How NAT works:

1). A host in the LAN (source host) submits access to the NAT router for an extranet request

2). NAT routers address translation of request packets (convert source IP address to new source IP address: Global IP address)

3). The NAT router maps the mappings into the conversion table and submits the converted request to the extranet server

4). The extranet server returns an answer packet to the NAT router

5). NAT Router Lookup translation table gets the mapping information and transforms the reply package

6). The NAT router returns the converted reply packet to the LAN host (the source host)

Example: A NAT router's global IP address is (172.38.1.6), the local area network host A's source IP address is (192.168.0.5), to the external network Host B destination IP address for (213.18.2.4) Send IP datagram.

The NAT router forwards the source IP address into the new source IP address (172.38.1.6). When Host B receives an IP datagram to send an answer to a, the IP datagram destination IP address is the IP address of the NAT router (172.38.1.6) instead of the IP address of the source host a, because routers on the Internet will not forward the destination address is the local IP data of the LAN datagram, So the address must be converted. when the NAT router receives the IP datagram from Host B on the outside network, it also makes an IP address translation. Converts the destination IP address (172.38.1.6) on the IP datagram to a new destination IP address (192.168.0.5) through the NAT address translation table, which is the IP address of the true source host a

such as: 650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/80/15/wKiom1c2zbfTwPZ5AAAj-YOTo5o982.png "title=" QQ picture 20160514150306.png "alt=" Wkiom1c2zbftwpz5aaaj-yoto5o982.png "/> When a NAT router has multiple global IP addresses, multiple hosts on the LAN can access the Internet, This allows a large number of hosts in the LAN to take turns using a limited number of global IP addresses for NAT routers.

Note: communication through the NAT router must be initiated by a host on the LAN, and the host on the LAN cannot serve as a server because the client on the Internet cannot request a server in the LAN

Proxy Server (equivalent to a gateway) : Work at the application level, which is responsible for forwarding and controlling data transfers between two networks, but can only support a subset of applications, a server between the client and the Web server. Most have buffering function.

Function: Share Network Connection resource, act as network firewall, can shield the structure and state of LAN, check and control network access

How the Proxy server works: The client host first establishes a TCP connection with the proxy server, and the proxy server makes a TCP connection to the remote server

Example: The client and the Web server, the browser makes a request to the proxy server, the signal will be sent to the proxy server, the proxy server to retrieve the information required by the browser and sent to the browser you want to access

Proxy servers are often used to connect to the Internet and local area networks, as well as to restrict access to external networks of the intranet.



NAT Technology and Proxy Server

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.