Explain NAT technology in detail
2022-07-23 22:00:00 【Coca Cola】
1. NAT explained in detail
1.1. Definition of NAT
NAT (Network Address Translator) is a technique that lets hosts use private addresses on the local network and translates them to global IP addresses when they connect to the Internet. NAT was developed to address the shortage of IPv4 addresses.
1.2. How NAT works
As shown in the figure below, take the host 10.0.0.10 and the host 163.221.120.9 as an example of how NAT works. With NAT, the NAT router on the path translates the source address from 10.0.0.10 to the global IP address (202.244.174.37) before sending the data on. Conversely, when response data arrives from 163.221.120.9, the destination address (202.244.174.37) is first translated back to the private IP address 10.0.0.10 and the packet is then forwarded.

The key points of the whole process are as follows:
The network is divided into a private network and a public network. The NAT gateway sits at the routed exit from the private network to the public network, and traffic in both directions must pass through it.
Network access can only be initiated from the private network side; the public network cannot actively access hosts in the private network.
The NAT router performs two address translations, one in each direction: it replaces the source information on outgoing traffic and the destination information on incoming traffic.
The existence of the NAT router is transparent to both communicating parties.
To translate in both directions, NAT needs to maintain an association table that stores the session information.
Problem:
When multiple machines in the private network need to communicate with the outside, translating only the IP address is limited by whether enough global IP addresses are available. Port-multiplexing NAPT solves this problem.
1.3. NAT types
There are 3 types of NAT: static NAT, dynamic NAT, and port-multiplexing NAPT.
1.3.1. Static NAT
A one-to-one translation of an inside local address to an inside global address, equivalent to binding each internal PC to its own global address. It is generally used for intranet servers that provide services externally.
1.3.2. Dynamic NAT
When an inside local address is translated, an idle address that is not currently in use is selected from the address pool. Generally the address defined earliest in the pool is chosen. When the data transfer or access is finished, the address is returned to the pool for other internal hosts to use. While an address is in use, however, it cannot be used for address translation by another host.
1.3.3. Port-multiplexing NAPT
With a large number of hosts in the private network, a NAT that only replaces IP addresses runs into a problem: when several internal hosts access the same server, the returned packets do not carry enough information to tell which internal host each response should be forwarded to. The NAT device therefore has to distinguish sessions by transport-layer information or other upper-layer protocol information, and may need to rewrite the upper-layer identifier, such as the TCP or UDP port number. In this way the NAT gateway maps different internal connections to different transport-layer ports on the same public IP address, which multiplexes and demultiplexes the public IP address. This is also known as port translation (PAT), NAPT, or IP masquerading, but it is more often simply called NAT because it is the most typical mode of use.
As shown in the figure below, take the private hosts 10.0.0.10 and 10.0.0.11 and the Internet host 163.221.120.9 as an example of how NAPT works.

The host 163.221.120.9 uses port 80, and 2 clients, 10.0.0.10 and 10.0.0.11, communicate with it at the same time, both using local port 1025. If only the IP address were translated to the global address 202.244.174.37, the translated address and port would be exactly the same for both clients. To tell the 2 sessions apart, it is enough to translate the port number of 10.0.0.11 to 1026. The NAPT router generates a translation table so that each combination of address and port is translated correctly, letting clients A and B communicate with the server at the same time.
Key point: the uniqueness of the port number is used to translate between the public IP and the private IPs. In theory this lets 65535 hosts share one public IP address.
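The translation table described above, and the association table from section 1.2, can be modelled in a few lines of Python. This is an added example, not code from the original article: the `Napt` class and its method names are hypothetical, the addresses are the ones used on this page, and the model ignores protocol type, the remote endpoint, and entry timeouts.

```python
from itertools import chain
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]            # (IP address, TCP/UDP port)
Packet = Tuple[Endpoint, Endpoint]    # (source, destination)

class Napt:
    """Toy NAPT gateway: many private hosts share one public IP."""

    def __init__(self, public_ip: str) -> None:
        self.public_ip = public_ip
        self.out: Dict[Endpoint, int] = {}    # private endpoint -> public port
        self.back: Dict[int, Endpoint] = {}   # public port -> private endpoint

    def outbound(self, src: Endpoint, dst: Endpoint) -> Packet:
        """Replace the source of a packet leaving the private network."""
        if src not in self.out:
            # Keep the client's own port when free, otherwise search upward
            # and wrap around to 1024 so the whole range is usable.
            for port in chain(range(src[1], 65536), range(1024, src[1])):
                if port not in self.back:
                    break
            else:
                raise RuntimeError("public ports exhausted")
            self.out[src] = port
            self.back[port] = src
        return (self.public_ip, self.out[src]), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Packet]:
        """Replace the destination of a packet from the public network.
        Returns None (drop) when no inside host created a matching entry."""
        if dst[0] != self.public_ip or dst[1] not in self.back:
            return None
        return src, self.back[dst[1]]

def demo():
    nat = Napt("202.244.174.37")
    server = ("163.221.120.9", 80)
    a = nat.outbound(("10.0.0.10", 1025), server)    # keeps port 1025
    b = nat.outbound(("10.0.0.11", 1025), server)    # collision -> 1026
    reply_b = nat.inbound(server, ("202.244.174.37", 1026))
    # Constructed sample: a packet to a port no session ever opened.
    unsolicited = nat.inbound(server, ("202.244.174.37", 4444))
    return a, b, reply_b, unsolicited

if __name__ == "__main__":
    for row in demo():
        print(row)
```

The dropped packet in the last step is the behaviour behind the earlier key point that the public network cannot actively access a private host: without a table entry there is nothing to translate the destination to.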
1.4. Advantages and disadvantages of NAT
1.4.1. Advantages
Saves legal public IP addresses (the biggest advantage).
Avoids re-addressing when the network changes.
Hides internal addresses, which increases network security.
1.4.2. Disadvantages
Connections cannot be established from outside the NAT to a server on the inside (the NAT traversal problem).
Generating the translation table and performing the translations incurs some overhead.
If the NAT fails during communication and has to be restarted, all TCP connections are reset. Even with two NATs set up as a disaster-recovery backup, the TCP connections are still dropped.