Đang chuẩn bị liên kết để tải về tài liệu:
The Illustrated Network- P73

The Illustrated Network- P73:In this chapter, you will learn about the protocol stack used on the global public Internet and how these protocols have been evolving in today’s world. We’ll review some key basic defi nitions and see the network used to illustrate all of the examples in this book, as well as the packet content, the role that hosts and routers play on the network, and how graphic user and command line interfaces (GUI and CLI, respectively) both are used to interact with devices. | CHAPTER 27 Network Address Translation 689 The DNS server replies not with the private nonroutable address but with the mapped address in the NAT reply in this case 169.254.99.1 as established in the previous step. Once this DNS NAT procedure is complete the transaction in bidirectional NAT continues as shown in Figure 27.3 . Naturally requests from local LAN devices are still handled as in unidirectional NAT. Port-Based NAT In both unidirectional and bidirectional NAT the address translation is always one to one. Even when dynamic mapping is used the entire inside address is always swapped out for an outside address. But we set up our examples by saying that 250 LAN hosts are going to share only 20 public IP addresses. Unidirectional and bidirectional NAT handles 20 or fewer simultaneous Internet users on the LAN. But what happens when more than 20 hosts are trying to access the Internet all at the same time That s where port-based NAT also called overloaded NAT comes in. Some devices even advertise this as network port address translation NAPT or port address translation PAT but we ll just call it port-based NAT. We are now essentially translating sockets from inside to outside. With port-based NAT we can easily have all 250 devices with outstanding requests on the Internet all at the same time and never come close to running out of port numbers which run from 0 to 65 535 . Let s say that one host on the LAN is already using private address 10.100.100.27 and source port 17000 perhaps the browser always uses that source port number to contact a Web site. No problem. Port-based NAT just translates both IP address and port as shown in Figure 27.4. Inside LAN Outside Internet Request Request Source 10.100.100.27 17000 Source 169.254.99.1 18395 Dest 250.99.111.4 80 Dest 250.99.111.4 80 1. Client sends request 2. NAT on source addr and port Reply Source 250.99.111.4 80 Dest 10.100.100.27 17000 4. NAT on dest addr and port Reply Source 250.99.111.4 80 Dest 169.254.99.1