Wednesday, March 26, 2014

NAT




Nice intro on NAT:




Source IP addresses are changed to the exterior IP address of the NAT host.

Source port numbers are changed to a unique value.

The translated session must be saved in a state table.

Return traffic is matched against the state table, and the destination IP and port numbers are modified accordingly.


- impossible to map the real topology of the network.

- interior hosts are NOT reachable from the internet.
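
The translation steps and the two consequences above, as an added example that is not part of the original post: a small Python model of a port-translating NAT host and its state table. The addresses, port pool, and all class and function names are constructed for illustration, and dropping packets from any remote endpoint other than the one contacted is an assumed (strict) matching policy.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class NatHost:
    """Toy port-translating NAT: one exterior address, one state table."""

    def __init__(self, exterior_ip: str, first_port: int = 40000, last_port: int = 40999):
        self.exterior_ip = exterior_ip
        self.free_ports = iter(range(first_port, last_port + 1))
        self.out = {}   # (int_ip, int_port, dst_ip, dst_port) -> exterior port
        self.back = {}  # (exterior port, remote_ip, remote_port) -> (int_ip, int_port)

    def outbound(self, pkt: Packet) -> Packet:
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        ext_port = self.out.get(key)
        if ext_port is None:  # new session: allocate a unique port and save state
            ext_port = next(self.free_ports, None)
            if ext_port is None:
                raise RuntimeError("NAT port pool exhausted")
            self.out[key] = ext_port
            self.back[(ext_port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        # The remote side only ever sees the exterior address and translated port.
        return pkt._replace(src_ip=self.exterior_ip, src_port=ext_port)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        if pkt.dst_ip != self.exterior_ip:
            return None
        entry = self.back.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if entry is None:
            return None  # no saved session: the interior host is not reachable
        return pkt._replace(dst_ip=entry[0], dst_port=entry[1])

def demo():
    nat = NatHost("203.0.113.1")  # constructed documentation addresses throughout
    a = nat.outbound(Packet("192.168.1.10", 5000, "198.51.100.7", 80))
    b = nat.outbound(Packet("192.168.1.11", 5000, "198.51.100.7", 80))
    reply = nat.inbound(Packet("198.51.100.7", 80, a.src_ip, a.src_port))
    unsolicited = nat.inbound(Packet("198.51.100.99", 4444, "203.0.113.1", a.src_port))
    return a, b, reply, unsolicited

if __name__ == "__main__":
    for result in demo():
        print(result)
```

Two interior hosts using the same source port leave with the same exterior address but different translated ports, and only the reply from the contacted server is rewritten back to an interior address.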


IP masquerading (Linux 2.2.x kernels) IS NOT a TRUE NAT implementation.

Linux 2.4.x kernels use iptables, which provides NAT. It is TRUE NAT.


http://bio3d.colorado.edu/tor/sadocs/tcpip/nat.html#true%20nat
