Proxy server and network address translation NAT

One. Proxy Server

A proxy server is a network entity, which is also known as the World Wide Web cache. The proxy server temporarily has some of the most recent requests and responses on the local disk. When a new request arrives, if the proxy server discovers that the request is the same as a temporary deposit, it returns the staged response without needing to go to the Internet again to access the resource at the address of the URL. A proxy server can work on the client or server side, or on an intermediary system.

Using caching can reduce the latency of accessing Internet servers.

For example, the campus network does not use a proxy server situation. At this time, all the PCs in the campus network establish TCP connection with the source-point server on the Internet through the 2MB/S line link. Therefore, the campus network each PC accesses the Internet the traffic often causes this 2mb/s chain to pass the load, causes the delay to increase greatly.

Here is the case of the campus network using a proxy server. At this point, the process of accessing the Internet is:

(1) When the browser accesses the Internet server, it first establishes the TCP connection with the campus network's cache and sends the HTTP request message to the cache;

(2) If the cache has stored the requested object, the object is placed in an HTTP response message returned to the browser;

(3) Otherwise, the cache represents the user's browser that makes the request, establishes a TCP connection with the source-point server on the Internet, and sends an HTTP request message;

(4) The source point server puts the requested object in the HTTP response message and returns the cache to the campus network;

(5) After the cache receives this object, it is copied in its local storage (for all future), and then placed in an HTTP response message, returned to the browser requesting the object through the established TCP connection.

Two. Network Address translation NAT

Some hosts within the private network have already been assigned to local IP addresses (that is, private addresses used only in this private network), but now want to communicate with the host on the Internet (do not need encryption), if the application of some global IP address, in many cases is not easy to do, Because the address of the global IPv4 is not much left. The most current method used is to use network address translation.

The Network Address translation Nat method was proposed in 1994. This approach requires the installation of NAT software on a router that has a private network connected to the Internet. A router with NAT software is called a NAT router, and it has at least one valid external global IP address. In this way, all hosts that use local addresses will be able to connect to the Internet by translating their local addresses into global IP addresses on the NAT router when communicating with the outside world.

the process of network address translation:

(1) Internal host x the datagram sent by local address IPX and host Y communication on the Internet must go through a NAT router;

(2) The NAT router converts the source address of the datagram to the global Geo IPG, but the destination address ipy remains unchanged and is then sent to the Internet;

(3) The NAT router receives the data of the host Y sent back, knowing that the source address in the datagram is ipy and the destination address is IPG;

(4) According to the NAT translation table, the NAT router converts the destination address IPG to IPX and forwards it to the final internal host X.

When a NAT router has n global IP addresses, it can have up to a maximum of n hosts in the private network to access the Internet. This allows a large number of hosts in the private network to take turns using a limited number of global IP addresses for NAT routers.

Obviously, communication through a NAT router must be initiated by a host in the professional network. Imagine a host on the Internet to initiate communication, and when the IP packet arrives at the NAT router, the NAT router is unaware of the destination IP address that should be converted to the local IP address within the professional network. This indicates that the host within this private network cannot serve as a server because customers on the Internet cannot request services from servers within the professional network.

This article is from the "Zwy" blog, make sure to keep this source http://10548195.blog.51cto.com/10538195/1773629

Proxy server and network address translation NAT