Network Address Translation (NAT) Overview in Windows XP


Brief introduction

As more families and small businesses acquire computers, they find that a network is a powerful tool for sharing computer resources. An Internet connection is one of the more valuable resources on the network and is likely to be shared. Sharing one Internet connection across an inexpensive, simple home or small-office network requires deploying an Internet gateway. Internet gateways typically use NAT (network address translation) to connect multiple hosts to the Internet through a single public IP address. Unfortunately, this solution breaks a variety of network applications, as this article explains.

Existing NAT traversal technology allows network applications to detect the presence of a local NAT device. Once a NAT device is detected, the application configures it with the mappings needed to resolve the compatibility issues.

This article is an overview that gives users and developers of network applications a brief introduction to NAT, to identifying common NAT problems, and to how applications can use NAT traversal to solve them. One important feature to look for in an Internet gateway device is UPnP certification. When a consumer buys or leases an Internet gateway device from a service provider, it is strongly recommended that only devices that are UPnP-certified for NAT traversal be considered, because the feature is critical to satisfying users, reducing support costs, and enabling more innovative services and applications.

For gateway device vendors, adding UPnP support for NAT traversal to Internet gateway devices is not complicated, expensive, or time-consuming. Because UPnP is already based on Internet standards and protocols, Internet gateway device manufacturers can use it to resolve NAT traversal problems and extend the benefit to most applications that pass through the device. This contrasts with requiring many application developers or gateway device manufacturers to each provide one-off solutions to these issues. This article is not intended as a detailed guide for hardware manufacturers who want to implement NAT traversal in Internet gateway devices. For that information, see the UPnP Forum Web site.

Knowledge of the Windows architecture, networking, and the UPnP architecture is helpful, but not required, for a full understanding of this article.

What is NAT?

Network Address Translation (NAT) is an Internet Engineering Task Force (IETF) standard that allows multiple PCs on a private network (using private address ranges such as 10.0.x.x, 192.168.x.x, 172.x.x.x) to share a single, globally routable IPv4 address. The growing shortage of IPv4 addresses is a major reason NAT is deployed so often. Internet Connection Sharing in Windows XP and Windows Me, and many Internet gateway devices, use NAT, especially when the connection to a broadband network is through a DSL or cable modem.

NAT is an effective but temporary solution to the problem of IPv4 address exhaustion (it is not necessary in IPv6 deployments). IPv4 address exhaustion has become more serious in Asia and other parts of the world, and is a growing concern in North America. This is why moving to IPv6 has long been discussed as the way to overcome the problem.

In addition to reducing the number of IPv4 addresses required, NAT also hides the private network, because all hosts outside the private network see its traffic only through the shared IP address. NAT is different from a firewall or proxy server, but it does contribute to security.

Figure 1: An example of a network using NAT devices for Internet communication.

Just as a fixed cable modem or DSL modem can be used as a NAT device, PCs can also be used as NAT devices.

General NAT Operations

Clients behind a NAT device are typically assigned a private IP address through DHCP (Dynamic Host Configuration Protocol) or are statically configured by an administrator. When a client communicates with a host outside the private network, the following events usually occur.

On the client

When an application wants to communicate with a server, it opens a socket associated with a source IP address, source port, destination IP address, destination port, and network protocol. Together these identify the two endpoints of the communication. When the application transmits data over this socket, the client's private IP address (the source IP address) and port (the source port) are inserted into the packet's source field. The packet's destination field contains the server's IP address (the remote host, or destination IP address) and port. Because the packet is destined for a location outside the private network, the client forwards it to the default gateway. The default gateway in this case is the NAT device.

Output packets on a NAT device

The NAT device intercepts the outbound packet and creates a port mapping from the destination IP address (the server), the destination port, the external IP address of the NAT device, the external port, the network protocol, and the client's internal IP address and port.

The NAT device maintains a table of these mappings and stores the new port mapping in it. The external IP address and port are the public IP address and port that replace the internal client IP address and port for this communication.

The NAT device then translates the packet by rewriting its source field from the client's private, internal IP address and port to the public IP address and port of the NAT device.

The packet is then sent over the external network and eventually arrives at the target server.

Figure 2: An example of outbound packet conversions.

On the server

When the server receives the packet, it believes it is communicating with a computer that has a globally routable IP address. It addresses the response packet to the external IP address and port of the NAT device, taking the IP address and port from the received packet's source field.
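The mapping table described above can be modelled in a few lines. This is an added example, not code from the original article or from Windows XP: the addresses, the starting external port of 50000, and the `inbound` reverse lookup (the step the text stops short of) are all constructed assumptions.

```python
# Toy model of a NAT device's port-mapping table (constructed example).
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Nat:
    def __init__(self, external_ip, first_port=50000):  # first_port is an assumption
        self.external_ip = external_ip
        self.next_port = first_port
        self.out = {}   # (proto, client ip, client port, server ip, server port) -> external port
        self.back = {}  # (proto, external port, server ip, server port) -> (client ip, client port)

    def outbound(self, p):
        """Rewrite the source field of a packet leaving the private network."""
        key = (p.proto, p.src_ip, p.src_port, p.dst_ip, p.dst_port)
        if key not in self.out:  # first packet of the flow: create and store the mapping
            self.out[key] = self.next_port
            self.back[(p.proto, self.next_port, p.dst_ip, p.dst_port)] = (p.src_ip, p.src_port)
            self.next_port += 1
        return Packet(p.proto, self.external_ip, self.out[key], p.dst_ip, p.dst_port)

    def inbound(self, p):
        """Rewrite the destination field of a reply; None means no mapping, so drop."""
        if p.dst_ip != self.external_ip:
            return None
        client = self.back.get((p.proto, p.dst_port, p.src_ip, p.src_port))
        if client is None:
            return None
        return Packet(p.proto, p.src_ip, p.src_port, client[0], client[1])

def demo():
    nat = Nat("203.0.113.5")
    sent = nat.outbound(Packet("tcp", "192.168.0.10", 1025, "198.51.100.7", 80))
    # The server replies to whatever it saw in the packet's source field.
    reply = nat.inbound(Packet("tcp", sent.dst_ip, sent.dst_port, sent.src_ip, sent.src_port))
    # A host the client never contacted has no matching mapping and is dropped.
    stray = nat.inbound(Packet("tcp", "198.51.100.99", 4444, "203.0.113.5", sent.src_port))
    return sent, reply, stray
```

The dropped `stray` packet is both the hiding effect described under "What is NAT?" and the reason applications that expect unsolicited inbound connections need a mapping configured for them.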
