The "secret" principle of "free" cross-peer network through NAT

Source: Internet
Author: User
Tags ftp protocol

NAT is designed to save the IP address, but it hides the address of the Intranet machine, "accidental" played a security role, because the client is active login to peer-network to be able to cross, so peer-to way also does not violate the enterprise's internal management principles ...

What it means to cross a NAT :

NAT is designed to conserve IP addresses, but it hides the address of the Intranet machine, which "accidentally" plays a security role. External not visible, opaque internal network also with the Internet "fair" application, "mutual sharing" of the idea of the "mutually shared" the purpose of "mutual service", so through the NAT, so that many internal network of machines also participate in the peer network of Big Collective, has been peer developers hope. Cross-NAT requires external support, which is "collusion inside and outside", and deceives Nat. Many peer networks have succeeded in achieving this goal, but there are some "regrets"---not all cases. Because the client is actively logged in to peer-to network can be traversed, so the way peer-to the enterprise's internal management principles, after all, the "free World" to join are voluntary.

nat Principle :

NAT Network address translation/network address translation.

How it works: Nat mainly through the address of the packet header replacement to complete the intranet computer access to the external network services. When the internal machine to access the external network, the NAT device to the internal IP1 and port number 1 (Network Layer Address and Transport Layer address), converted to NAT external IP2 and the new port number 2, and then to the external network, the data returned, and then the purpose is IP2: Port 2 of the packet is replaced with IP1: Port 1, Sent to the intranet machine. If the content of the communication protocol has IP address transmission, such as FTP protocol, NAT in translation should also pay attention to the protocol address in the packet where the interaction of the place also to be replaced, otherwise the protocol will appear confusion. This mapping table is maintained in the NAT device to replace the address, and the table is maintained according to the communication requirements of the internal computer. The external network to whether the packet can enter the NAT, mainly to see if there are already mapped table entries, if not it will be discarded.

The "secret" principle of "free" cross-peer network through NAT

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.