
Network Address Translation

(*-*)浩
2019-06-10 10:37:25

In computer networks, Network Address Translation (NAT), also called network masquerading or IP masquerading, is a technique that rewrites the source or destination IP address of IP packets as they pass through a router or firewall. It is commonly used in private networks that have multiple hosts but access the Internet through only one public IP address. It is a convenient and widely used technology. However, NAT also complicates communication between hosts, which reduces communication efficiency.

Overview

Network without NAT: assuming that each access subnet requires its own /24 block of IP addresses and must also be able to connect to the outside, the external router must reserve or apply for at least 1,000 external IPs.

Network with NAT: through NAT translation, the access subnets can use private IPs. When a host connects externally, the router binds the private IP to an external IP and modifies the addresses on the transmitted IP packets, so that only 255 external IPs are needed to meet the external connection requirements of the internal access subnets.

In the mid-1990s, NAT became popular as a solution to the shortage of IPv4 addresses and as a way to avoid the difficulty of reserving IP addresses. Network address translation is widely used in many countries. NAT has therefore become a standard feature of routers on home and small-office network connections, because for them the cost of obtaining a separate IP address outweighs the benefits.

In a typical configuration, a local network uses one of the designated private subnets (such as 192.168.x.x or 10.x.x.x) and has a router connected to it. The router occupies a private address in this address space (such as 192.168.0.1), and it also connects to the Internet through public IP addresses provided by one or more Internet service providers (called "overload" NAT). When traffic passes from the local network to the Internet, the source address is translated from a private address to a public address. The router tracks basic data about each connection, mainly the destination address and port. When a reply returns to the router, it uses the connection tracking data recorded during the outbound stage to decide which host on the internal network to forward it to; if multiple public addresses are available, the TCP or UDP client port number is used to demultiplex packets when they return. To hosts on the Internet, the router itself appears to be the source and destination of the traffic.

A popular view on the Internet is that the widespread adoption of IPv6 will make NAT no longer needed, because NAT is just a method of dealing with the insufficient address space of IPv4.

Classification

There are three types of NAT: static NAT (Static NAT), dynamic address NAT (Pooled NAT), and network address port translation, NAPT (Port-Level NAT).

Among them, Network Address Port Translation (NAPT) maps internal addresses to different ports of a single IP address on the external network. It can hide small and medium-sized networks behind one legitimate IP address. NAPT differs from dynamic address NAT: it maps internal connections to a single IP address in the external network and adds a port number selected by the NAT device to that address.

NAPT is the most commonly used translation method, and it is the one mainly used in home gateways (HomeGW). It comprises two translation methods: SNAT and DNAT.

(1) Source NAT (SNAT): modifies the source address of the data packet. Source NAT changes the source address of the first packet. It is always done before the packet is sent to the network. Packet masquerading is an example of SNAT.

(2) Destination NAT (DNAT): modifies the destination address of the data packet. Destination NAT is the opposite of SNAT: it changes the destination address of the first packet. Load balancing, port forwarding and transparent proxying are all forms of DNAT.
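The following Python sketch is an added illustration, not code from the original article. It models the connection tracking and NAPT port mapping described above, plus one DNAT port forward. The class Napt, its field names, the starting port 40000 and all addresses are assumptions constructed for the example.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

class Napt:
    """Toy NAPT device: many private hosts share one public address."""
    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.flows = {}     # outbound flow (Packet) -> public port chosen by the NAT
        self.replies = {}   # (proto, remote ip, remote port, public port) -> private (ip, port)
        self.forwards = {}  # static DNAT rules: (proto, public port) -> private (ip, port)

    def outbound(self, p: Packet) -> Packet:
        """SNAT: rewrite the private source to the public address and a NAT-chosen port."""
        if p not in self.flows:
            # First packet of a connection: pick a port and record the tracking entry.
            self.flows[p] = self.next_port
            self.replies[(p.proto, p.dst, p.dport, self.next_port)] = (p.src, p.sport)
            self.next_port += 1
        return p._replace(src=self.public_ip, sport=self.flows[p])

    def inbound(self, p: Packet) -> Optional[Packet]:
        """Reverse the translation for a reply, or apply a port forward (DNAT)."""
        if p.dst != self.public_ip:
            return None
        target = self.replies.get((p.proto, p.src, p.sport, p.dport))
        if target is None:
            target = self.forwards.get((p.proto, p.dport))
        if target is None:
            return None  # neither a tracked connection nor a forwarded port: drop
        return p._replace(dst=target[0], dport=target[1])

def demo():
    # Constructed sample traffic using documentation address ranges.
    nat = Napt("203.0.113.5")
    nat.forwards[("tcp", 8080)] = ("192.168.0.20", 80)
    remote = ("198.51.100.7", 443)
    a = nat.outbound(Packet("tcp", "192.168.0.10", 51000, *remote))
    b = nat.outbound(Packet("tcp", "192.168.0.11", 51000, *remote))
    reply_b = nat.inbound(Packet("tcp", *remote, nat.public_ip, b.sport))
    stray = nat.inbound(Packet("tcp", "198.51.100.99", 443, nat.public_ip, b.sport))
    fwd = nat.inbound(Packet("tcp", "198.51.100.99", 5555, nat.public_ip, 8080))
    return a, b, reply_b, stray, fwd
```

Two internal hosts using the same client port receive different public ports, so the reply is delivered to the right host. A packet from an untracked remote endpoint is dropped unless it matches the explicit port forward.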
