Home >Operation and Maintenance >Safety >How to analyze intranet, public network and NAT

How to analyze intranet, public network and NAT

WBOY
WBOYforward
2023-05-22 16:40:501945browse

When we build a weak current monitoring system, we cannot avoid dealing with IP addresses. For example, after cameras, NVRs, servers and other devices are installed, they need to be assigned IPs. Do you know this IP address? Today Let’s talk about what is intranet, public network and NAT address translation?

1. The definition of intranet, public network and NAT

Intranet is also It is called a local area network. In terms of scope, the intranet is a small part of the network. It generally refers to a network formed in a specific environment, such as a network formed by multiple computers in a family, or large LANs in schools and companies, and the IP of the intranet. Generally, they are 192.168.1.100, 192.168.0.100, 172.16.1.100... These are all intranet IPs. The intranet cannot directly connect to the external network and is relatively closed. However, file management and application software sharing can be achieved within the intranet. , printer sharing and other services.

How to analyze intranet, public network and NAT

Home LAN

The Internet is a remote network used to connect LAN or MAN computers in different areas for communication, also called an external network . It can usually span a large physical range and cover a range of tens to thousands of kilometers. It can connect multiple regions, cities and countries to provide long-distance communications and form a global Internet network.

NAT is called address translation technology. It was born in an era when IP addresses were scarce. Traditional IPv4 public network addresses have been exhausted. Without NAT address translation technology, many devices today would not be able to connect to the Internet. Many people When working in the company or surfing the Internet at home, the computer will be assigned a private network address of 192.168.1.100. This address is only suitable for communication within the local area network and cannot go out of the external network. It is precisely because of the emergence of NAT technology that the internal network The address provides easy access to the Internet.

How to analyze intranet, public network and NAT

NAT address translation

2. How to connect the internal network and the external network

The internal network and the external network In addition to the support of a router or firewall device on the hardware, the connection also needs to be configured in advance with the IP address of the computer, router and other equipment. The IP address is a 32-bit binary value, which is used to mark the address of each computer in the TCP/IP communication protocol. , usually we use dotted decimal notation, such as 192.168.1.100. The Internet is a hierarchy of many small local area networks, each of which hosts many hosts. When designing IP addresses, the hierarchical characteristics of address allocation are taken into consideration, and each IP address is divided into two parts, the network number and the host number, to facilitate the addressing operation of the IP address.

①IP address classification

The IP address can be divided into two parts, the network number and the host number part. The network number represents the network segment number to which it belongs, and the host number represents the The address number of the host in the network segment. IP addresses can be divided into five categories: A, B, C, D, and E:

  • Class A: 0.0.0.0-127.255.255.255

  • Category B: 128.0.0.0-191.255.255.255

  • Category C: 192.0.0.0-223.255.255.255

  • Category D: 224.0. 0.0-239.255.255.255

  • Class E: 240.0.0.0-247.255.255.255

##The three types of addresses A, B, and C are called A unicast address is used to identify an interface of a terminal device, and a packet whose destination address is a unicast address is called a unicast packet; a Class D address is called a multicast address, and a packet whose destination address is a multicast address is called a group Broadcast packets. The interfaces of some devices with specific functions enabled can receive multicast packets corresponding to the multicast address; the Class E address is not used temporarily; there is also a special address 255.255.255.255, called the broadcast address, and the broadcast packet is The text can be received by all devices in the LAN.

Among the IP addresses, there are three addresses specifically used for private network planning and cannot be used for connections on the Internet as follows:

  • Class A: 10.0.0.0- 10.255.255.255

  • Class B: 172.16.0.0-172.31.255.255

  • Category C: 192.168.0.0-192.168.255.255

It is precisely because of the emergence of private network addresses that the IP problem of computer terminal equipment in the LAN is solved, but also because of the emergence of NAT technology, intranet addresses can easily access the Internet, but It is very troublesome to access intranet terminal devices from the Internet address. If you want to access, you need to do port mapping.

②Port mapping

Port mapping aims to map a certain port on the IP address of the external network host to a specific device in the internal network to provide the corresponding Serve. When a user accesses the IP and port, the server will automatically map the request to the terminal device in the corresponding LAN. The configured port mapping is very simple. Enter the router WEB interface to configure the internal IP address, mapped port, external port and protocol. After the configuration is completed, save it and it will take effect.

How to analyze intranet, public network and NAT
Port forwarding

3. NAT application

The main function of NAT is to configure private IP addresses on the intranet, and then uniformly convert them to public network addresses on border devices such as routers or firewalls before accessing the Internet. This eliminates the need to configure a public network for each terminal device in the LAN. IP address solves the problem of exhaustion of public network IPV4 addresses.

Although ANT technology itself solves the problem of IPv4 address exhaustion, it still has its unique characteristics. NAT technology can share public IP addresses and be transparent to end users, making the terminal network more secure. However, it will also increase the processing load of devices such as border routers, resulting in performance degradation, and even hinder remote access of legitimate programs. From an application perspective, NAT application scenarios mainly include the following three aspects:

Many-to-1 conversion: This is also the most common configuration. There are many private IP addresses and only one public IP address. , and then through normal configuration of NAT, a community, a household, or a company can access the Internet.

How to analyze intranet, public network and NAT

Many-to-1 conversion

Many-to-many conversion: There are many private IP addresses corresponding to many public IP addresses. Whoever uses it first? Convert first, then use it up.

1-to-1 conversion: It is a 1-to-1 relationship. One public network address corresponds to one private network address. This is mainly used for static mapping of ports.

Finally, let’s make a summary. What we usually call an intranet is a local area network in a specific environment, such as a local area network connected to several computer devices in a home. The external network is also called the Internet, which connects regions, cities and countries. Network, the emergence of NAT technology has solved the problem of public network IP address exhaustion, allowing computers and other terminal devices to connect to the Internet normally by configuring private network IP.

The above is the detailed content of How to analyze intranet, public network and NAT. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete