There are three ways to implement NAT: 1. Static address translation, which explicitly converts private addresses and public network addresses one-to-one; 2. Dynamic address translation, in which the public IP address that an internal private IP address is converted to is not fixed; 3. Port address translation, which changes the source port of outgoing data packets and performs port translation.
The operating environment of this tutorial: Windows 7 system, Dell G3 computer.
NAT is a technology that converts internal private addresses to public network addresses.
It is divided into 3 categories:
1. Static address translation: one-to-one explicit conversion of private addresses and public addresses;
2. Dynamic address translation: the NAT translator has a pool of public network addresses and can dynamically allocate an unused public network address to an internal private address for communication, forming a temporary mapping;
3. Port address translation: map a port of a public network address to a private address. Multiple private addresses can correspond to one public network address.
Extended information:
NAT (Network Address Translation) was proposed in 1994. When some hosts within a private network have already been assigned local IP addresses (that is, private addresses used only within this private network) but now want to communicate with hosts on the Internet (without encryption), NAT can be used.
This method requires installing NAT software on the router connecting the private network (private network IP) to the Internet (public network IP). A router equipped with NAT software is called a NAT router, and it has at least one valid external global IP address (public IP address). In this way, when all hosts using local addresses (private IP addresses) communicate with the outside world, their local addresses must be converted into global IP addresses on the NAT router before they can connect to the Internet.
In addition, this approach of using a small number of global IP addresses (public IP addresses) to represent a larger number of private IP addresses will help slow down the depletion of available IP address space. There is a description of NAT in RFC 2663.
There are three ways to implement NAT: static conversion (Static NAT), dynamic conversion (Dynamic NAT) and port multiplexing (Overload).
Static conversion refers to converting the private IP address of the internal network to a public IP address. The IP address pair is one-to-one and immutable. A certain private IP address is only converted to a certain public IP address. With the help of static translation, the external network can access certain devices (such as servers) in the internal network.
Dynamic conversion refers to converting the private IP address of the internal network to a public IP address where the resulting IP address is uncertain and random: any private IP address authorized to access the Internet can be converted to any of the specified legal IP addresses. In other words, as long as you specify which internal addresses can be converted and which legal addresses are used as external addresses, dynamic conversion can be performed. Dynamic translation can use multiple sets of legal external addresses. Dynamic conversion can be used when the number of legal IP addresses provided by the ISP is slightly less than the number of computers inside the network.
Port address translation (PAT, Port Address Translation) refers to changing the source port of outbound data packets and performing port translation, that is, port multiplexing. All hosts on the internal network can share one legal external IP address to access the Internet, thereby maximizing savings on IP address resources. At the same time, it can hide all hosts within the network to effectively avoid attacks from the Internet. Therefore, port multiplexing is currently the most widely used method in the network.
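The three translation modes above can be seen side by side in a small translation table. This is an added example, not code from the original article; the class and method names are hypothetical, the addresses are constructed (192.168.1.0/24 inside, 203.0.113.0/24 outside), and falling back from the dynamic pool to PAT when the pool is empty is a simplification chosen for the example.

```python
class Nat:
    """Toy source-NAT table: static entries, then a dynamic pool, then PAT."""

    def __init__(self, static=None, pool=None, pat_ip=None, first_port=40000):
        self.static = dict(static or {})   # private IP -> fixed public IP
        self.free = list(pool or [])       # unused public IPs (dynamic NAT)
        self.dynamic = {}                  # private IP -> leased public IP
        self.pat_ip = pat_ip               # one shared public IP (PAT)
        self.pat_out = {}                  # (private IP, port) -> public port
        self.pat_in = {}                   # public port -> (private IP, port)
        self.next_port = first_port

    def outbound(self, src_ip, src_port):
        """Return the (public IP, port) an outgoing packet leaves with."""
        if src_ip in self.static:
            return self.static[src_ip], src_port
        if src_ip not in self.dynamic and self.free:
            self.dynamic[src_ip] = self.free.pop(0)   # temporary mapping
        if src_ip in self.dynamic:
            return self.dynamic[src_ip], src_port
        if self.pat_ip is None:
            raise RuntimeError("no public address available")
        key = (src_ip, src_port)
        if key not in self.pat_out:                   # new flow: pick a port
            self.pat_out[key] = self.next_port
            self.pat_in[self.next_port] = key
            self.next_port += 1
        return self.pat_ip, self.pat_out[key]

    def inbound(self, dst_ip, dst_port):
        """Return the private (IP, port) for an incoming packet, or None to drop."""
        for table in (self.static, self.dynamic):
            for private, public in table.items():
                if public == dst_ip:
                    return private, dst_port
        if dst_ip == self.pat_ip:
            return self.pat_in.get(dst_port)          # None if no mapping exists
        return None


def demo():
    # Constructed addresses: 192.168.1.0/24 inside, 203.0.113.0/24 outside.
    nat = Nat(static={"192.168.1.10": "203.0.113.10"},
              pool=["203.0.113.20"], pat_ip="203.0.113.1")
    out = [nat.outbound("192.168.1.%d" % h, 5000) for h in (10, 11, 12, 13)]
    back = [nat.inbound("203.0.113.1", p) for p in (40001, 45000)]
    return out, back
```

In the demo, host .10 keeps its fixed public address, host .11 leases the only pool address, and hosts .12 and .13 share 203.0.113.1 on different source ports; an inbound packet to a PAT port with no mapping returns None and is dropped.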
ALG (Application Level Gateway) technology: traditional NAT only translates the IP layer and transport layer headers, but some application layer protocols carry address information in their payload. To let these applications pass through NAT transparently, NAT uses a technology called ALG, which performs the corresponding NAT translation on the address information contained in the communication of these applications. For example, the PORT/PASV commands of the FTP protocol, the "A" and "PTR" queries of the DNS protocol, and some ICMP message types require corresponding ALG support.
If the protocol data packet does not contain address information, it is easy to use traditional NAT technology to complete the transparent address translation function. Usually the following applications we use can directly use traditional NAT technology: HTTP, TELNET, FINGER, NTP, NFS, ARCHIE, RLOGIN, RSH, RCP, etc.
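The FTP PORT case mentioned above, as an added example that is not part of the original article: the command carries the client's IP address and port as six decimal numbers, so the ALG has to rewrite the payload and create the matching port mapping. The function names, the alloc_port callback and the addresses are constructed for the illustration.

```python
import re

PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),"
                     rb"(\d{1,3}),(\d{1,3})\r\n$")


def rewrite_ftp_port(line, private_ip, public_ip, alloc_port):
    """Rewrite the address embedded in an FTP PORT command.

    line       -- one control-channel line as bytes, CRLF-terminated
    private_ip -- source address of the control connection being translated
    alloc_port -- callable(private_ip, private_port) -> public port; it is
                  expected to install the mapping for the data connection
    """
    m = PORT_RE.match(line)
    if not m:
        return line                    # not a PORT command: pass through
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return line                    # malformed octet: leave untouched
    ip = ".".join(str(n) for n in nums[:4])
    if ip != private_ip:
        # Only translate an address that matches the connection's own
        # source; never create a mapping for some other internal host.
        return line
    private_port = nums[4] * 256 + nums[5]
    public_port = alloc_port(ip, private_port)
    addr = public_ip.replace(".", ",").encode()
    return b"PORT %s,%d,%d\r\n" % (addr, public_port >> 8, public_port & 0xFF)


def demo():
    table = {}                         # public port -> (private IP, port)

    def alloc(ip, port):               # constructed allocator for the demo
        public = 40000 + len(table)
        table[public] = (ip, port)
        return public

    line = b"PORT 192,168,1,12,19,137\r\n"      # constructed: port 5001
    return rewrite_ftp_port(line, "192.168.1.12", "203.0.113.1", alloc), table
```

Because the rewritten line can differ in length from the original, a real ALG also has to adjust TCP sequence and acknowledgement numbers on the control connection, which this example leaves out.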