3com 3031 Instruccion De Instalación
32
NAT C
ONFIGURATION
NAT Overview
As described in RFC1631, Network Address Translation (NAT) is to translate the IP
address in IP data packet header into another IP address, which is mainly used to
implement private network accessing external network in practice. NAT can
reduce the depletion speed of IP address space via using several public IP addresses
to represent multiple private IP addresses.
address in IP data packet header into another IP address, which is mainly used to
implement private network accessing external network in practice. NAT can
reduce the depletion speed of IP address space via using several public IP addresses
to represent multiple private IP addresses.
Private address denotes the address of network or host on intranet, whereas
public address denotes the universal unique IP address on Internet.
public address denotes the universal unique IP address on Internet.
IP addresses that RFC1918 reserves for private and private use are.
■
Class A: 10.0.0.0 to 10.255.255.255 (10.0.0.0/8)
■
Class B: 172.16.0.0 to 172.31.255.255 (172.16.0.0/12)
■
Class C: 192.168.0.0 to 192.168.255.255 (192.168.0.0/16)
IP addresses in the above three ranges will not be assigned in the Internet, so they
can be used in the intranet by a company or enterprise with no need for
requesting ISP or register center.
can be used in the intranet by a company or enterprise with no need for
requesting ISP or register center.
A basic NAT application is shown in the following figure.
Figure 109 Networking diagram of basic processes of address translation
NAT server such as the Router is located at the joint between private network and
public network. When the internal PC at 192.168.1.3 sends the data packet1 to
the external server at 202.120.10.2, the data packet will traverse the NAT server.
The NAT server checks the contents in the packet header. If the destination
address in the header is an extranet address, the server will translate the source
address 192.168.1.3 into a valid public address on the Internet 202.169.10.1,
then forward the packet to the external server and record the mapping in the
public network. When the internal PC at 192.168.1.3 sends the data packet1 to
the external server at 202.120.10.2, the data packet will traverse the NAT server.
The NAT server checks the contents in the packet header. If the destination
address in the header is an extranet address, the server will translate the source
address 192.168.1.3 into a valid public address on the Internet 202.169.10.1,
then forward the packet to the external server and record the mapping in the
PC
202.130.10.3
Internet
Serv er
202.120.10.2
Serv er
192.168.1.2
PC
192.168.1.3
Eudemon
s0/0/0
202.169.10.1
e0/0/0
192.168.1.1
Trust
Untrust
Data packet1:
Source: 192.168.1.3
Destination: 202.120.10.2
Data packet2:
Source: 202.120.10.2
Destination: 202.169.10.1
Data packet1:
Source: 202.169.10.1
Destination: 202.120.10.2
.
Data packet2:
Source: 202.120.10.2
Destination: 192.168.1.3
PC
202.130.10.3
Internet
Serv er
202.120.10.2
Serv er
192.168.1.2
PC
192.168.1.3
Eudemon
s0/0/0
202.169.10.1
e0/0/0
192.168.1.1
Trust
Untrust
Data packet1:
Source: 192.168.1.3
Destination: 202.120.10.2
Data packet2:
Source: 202.120.10.2
Destination: 202.169.10.1
Data packet1:
Source: 202.169.10.1
Destination: 202.120.10.2
.
Data packet2:
Source: 202.120.10.2
Destination: 192.168.1.3