Справочник Пользователя для Netopia R5000
Understanding Netopia NAT Behavior C-5
As you can see, when Workstation A and Workstation B transmit an IP packet to the WWW ser ver on the
Internet, they have unique source IP addresses on the LAN inter face but potentially the same source por ts,
which in this case is 400. When the Netopia R5000 Series Router receives these packets, the source IP
addresses are substituted with the single globally unique IP address that was acquired on the WAN inter face,
which is 200.1.1.40.
Internet, they have unique source IP addresses on the LAN inter face but potentially the same source por ts,
which in this case is 400. When the Netopia R5000 Series Router receives these packets, the source IP
addresses are substituted with the single globally unique IP address that was acquired on the WAN inter face,
which is 200.1.1.40.
Now both IP packets have the exact same source IP address (200.1.1.40) and source por ts (400). The Netopia
R5000 Series Router is then able to distinguish between the two IP packets by changing the source TCP or UDP
por ts and keeping this information in an internal table. As seen above, the source por t for Workstation A has
been changed to 5001 and the source por t for Workstation B has been changed to 5002.
R5000 Series Router is then able to distinguish between the two IP packets by changing the source TCP or UDP
por ts and keeping this information in an internal table. As seen above, the source por t for Workstation A has
been changed to 5001 and the source por t for Workstation B has been changed to 5002.
If you were to look at the internal por t mapping table that is maintained by the Netopia R5000 Series Router, it
would look similar to the following:
would look similar to the following:
With this information the Netopia R5000 Series Router can determine the appropriate routing for an IP
response from the Internet. In this case, when the WWW ser ver responds with a destination por t of 5001, the
Netopia R5000 Series Router can see that this packet's destination on the local LAN inter face is actually
Workstation A at IP address 192.168.5.2. Likewise, with the response for por t 5002, the Netopia R5000
Series Router can see that this packet's destination on the local LAN inter face is actually Workstation B at IP
address 192.168.5.3.
response from the Internet. In this case, when the WWW ser ver responds with a destination por t of 5001, the
Netopia R5000 Series Router can see that this packet's destination on the local LAN inter face is actually
Workstation A at IP address 192.168.5.2. Likewise, with the response for por t 5002, the Netopia R5000
Series Router can see that this packet's destination on the local LAN inter face is actually Workstation B at IP
address 192.168.5.3.
E
E
E
Exxxxp
p
p
po
o
o
orrrrttttee
e
ed
d
d
d ssssee
e
errrrvvv
viiiiccccee
e
essss
Note that this “automatic” por t remapping and IP address substitution only works in one direction – for IP
packets that originated on the LAN inter face destined to the WAN inter face and the Internet. In order for por t
remapping and IP address substitution to work in the other direction – that is, hosts on the Internet that want to
originate an IP packet destined to a host on the Netopia R5000 Series Router’s LAN inter face – a manual
redirection of TCP or UDP por ts as well as destination IP addresses within the Netopia R5000 Series Router is
required. This manual por t remapping and IP address substitution is accomplished by setting up expor ted
ser vices.
packets that originated on the LAN inter face destined to the WAN inter face and the Internet. In order for por t
remapping and IP address substitution to work in the other direction – that is, hosts on the Internet that want to
originate an IP packet destined to a host on the Netopia R5000 Series Router’s LAN inter face – a manual
redirection of TCP or UDP por ts as well as destination IP addresses within the Netopia R5000 Series Router is
required. This manual por t remapping and IP address substitution is accomplished by setting up expor ted
ser vices.
Expor ted ser vices are essentially user-defined pointers for a par ticular type of incoming TCP or UDP ser vice
from the WAN inter face to a host on the local LAN inter face. This is necessar y since the Netopia R5000 Series
Router and thus the attached local LAN has only one IP presence on the WAN inter face and Internet. Expor ted
ser vices allows the user to redirect one type of ser vice – for example Por t 21 (FTP) – to a single host on the
local LAN inter face. This will then allow the Netopia R5000 Series Router to redirect any packets coming in
from the Internet with the defined destination TCP or UDP por t of por t 21 (FTP) to be redirected to a host on the
local LAN inter face.
from the WAN inter face to a host on the local LAN inter face. This is necessar y since the Netopia R5000 Series
Router and thus the attached local LAN has only one IP presence on the WAN inter face and Internet. Expor ted
ser vices allows the user to redirect one type of ser vice – for example Por t 21 (FTP) – to a single host on the
local LAN inter face. This will then allow the Netopia R5000 Series Router to redirect any packets coming in
from the Internet with the defined destination TCP or UDP por t of por t 21 (FTP) to be redirected to a host on the
local LAN inter face.
For example, suppose the WWW ser ver on the Internet with the IP address of 163.176.4.32 wants to access
Workstation B on the Netopia R5000 Series Router’s local LAN inter face which is operating as an FTP ser ver.
The IP address for Workstation B is 192.168.5.3, which is not a valid IP address, and thus the WWW ser ver on
the Internet cannot use this IP address to access Workstation B.
Workstation B on the Netopia R5000 Series Router’s local LAN inter face which is operating as an FTP ser ver.
The IP address for Workstation B is 192.168.5.3, which is not a valid IP address, and thus the WWW ser ver on
the Internet cannot use this IP address to access Workstation B.
Source LAN IP Source LAN Port Remapped LAN Port
192.168.5.2 TCP 400 TCP 5001
192.168.5.3 TCP 400 TCP 5002
192.168.5.2 TCP 400 TCP 5001
192.168.5.3 TCP 400 TCP 5002