tailieunhanh - Network Address Translation (NAT)

RFC-1631 A short term solution to the problem of the depletion of IP addresses Long term solution is IP v6 (or whatever is finally agreed on) CIDR (Classless InterDomain Routing ) is a possible short term solution NAT is another NAT is a way to conserve IP addresses Hide a number of hosts behind a single IP address Use: , or for local networks | Network Address Translation (NAT) CS-480b Dick Steflik Network Address Translation RFC-1631 A short term solution to the problem of the depletion of IP addresses Long term solution is IP v6 (or whatever is finally agreed on) CIDR (Classless InterDomain Routing ) is a possible short term solution NAT is another NAT is a way to conserve IP addresses Hide a number of hosts behind a single IP address Use: , or for local networks Translation Modes Dynamic Translation (IP Masquerading) large number of internal users share a single external address Static Translation a block external addresses are translated to a same size block of internal addresses Load Balancing Translation a single incoming IP address is distributed across a number of internal servers Network Redundancy Translation multiple internet connections are attached to a NAT Firewall that it chooses and uses based on bandwidth, congestion and . | Network Address Translation (NAT) CS-480b Dick Steflik Network Address Translation RFC-1631 A short term solution to the problem of the depletion of IP addresses Long term solution is IP v6 (or whatever is finally agreed on) CIDR (Classless InterDomain Routing ) is a possible short term solution NAT is another NAT is a way to conserve IP addresses Hide a number of hosts behind a single IP address Use: , or for local networks Translation Modes Dynamic Translation (IP Masquerading) large number of internal users share a single external address Static Translation a block external addresses are translated to a same size block of internal addresses Load Balancing Translation a single incoming IP address is distributed across a number of internal servers Network Redundancy Translation multiple internet connections are attached to a NAT Firewall that it chooses and uses based on bandwidth, congestion and availability. Dynamic Translation (IP Masquerading ) Also called Network Address and Port Translation (NAPT) Individual hosts inside the Firewall are identified based on of each connection flowing through the firewall. Since a connection doesn’t exist until an internal host requests a connection through the firewall to an external host, and most Firewalls only open ports only for the addressed host only that host can route back into the internal network IP Source routing could route back in; but, most Firewalls block incoming source routed packets NAT only prevents external hosts from making connections to internal hosts. Some protocols won’t work; protocols that rely on separate connections back into the local network Theoretical max of 216 connections, actual is much less Static Translation Map a range of external address to the same size block of internal addresses Firewall just does a simple translation of each address Port forwarding - map a specific port to come through the Firewall rather