Peanut shell and network address translation

Network address Translation (NAT) has a port translation called NAPT that is network address

What NAT is:

Devices inside the network are assigned private IP addresses, but NAT-enabled routers retain one or more

An Internet IP address that is valid outside the network. When a client sends a packet outside the network, NAT

The internal IP address of the client is converted to an external address

The primary purpose of NAT is to allow the network to use private IP addresses to conserve IP addresses. The non-routable

The private internal address translates to a routable public address, which in some way adds security to hide the internal

IP address of the department.

Advantages of NAT:

NAT allows the internal network to use private addresses to save registered public addresses

NAT increases the flexibility of connecting to public networks

NAT provides a consistent approach to internal network addressing

Provides network security

Disadvantages of the existence of NAT

Hosts in the Internet appear to communicate directly with a NAT device rather than a host inside a private network

Nat adds a delay

Nat has hidden end-to-end IP addresses

The ability to track end-to-end IP traffic is lost due to NAT changing IP address

NAT also makes troubleshooting or tracking more tricky when malicious traffic occurs

Because the host that needs access from the external network will have two IP addresses an internal, an external address.

NAT Network Conversion Technology is the foundation of nat123 Dynamic Domain name parsing system.

How NAT works:

Routers running NAT processes typically have two networks connected, and local non-registered IP addresses are translated

is the globally registered IP address.

NAT processing Six steps:

1, the IP address of the 10.3.4.25 device sent a packet, and tried to open to 206.100.29.1

Connection

2. When the first packet arrives at the NAT border router, it first checks to see if there is a source address entry

Match addresses in the NAT table

3. If a match is found in the NAT table, proceed to step 4. If no match is found,

The NAT route selects an address in its available IP address pool. This creates a simple item,

Match the internal IP address to the external IP address.

4. Then the NAT border router uses the global IP address 200.3.4.25 instead of the internal IP address 10.3.4.25, which

Causes the destination host to send the returned data packets to 200.3.4.25, which is the IP that is registered on the Internet

Access

5, when the host on the intern uses the IP address 206.100.29.1 to answer the packet, it uses the

The IP address assigned by the NAT router as the destination IP address, this address is 200.3.4.25

6. When the NAT border router accepts an answer from 206.100.29.1, it finds it with the destination address of

200.3.4.25 packet, the NAT router will check its NAT table again, and the NAT table will show the IP ground

This packet is accepted by the address 10.3.4.25.

This article is from the "Huanghaixiong" blog, make sure to keep this source http://10563199.blog.51cto.com/10553199/1677987

Peanut shell and network address translation