Wednesday, March 26, 2014


Nice intro on NAT:

Source IP addresses are changed to the exterior IP address of the NAT host.

Source port numbers are changed to a unique value.

The translated session must be saved in a state table.

Return traffic is matched in the state table and destination IP and port numbers are modified accordingly.

- impossible to map the real topology of the network.

- interior hosts are NOT reachable from the internet.
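
The translation steps above as a small Python model, added here as an illustration and not taken from the linked intro or from the Linux kernel. The class name, the four-port pool and the documentation-range addresses are constructed, and the model assumes return traffic is matched on exterior port plus remote endpoint.

```python
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


class NatTable:
    """Toy source NAT with port translation (constructed model, not kernel code)."""

    def __init__(self, external_ip: str, ports=range(40000, 40004)):
        self.external_ip = external_ip
        self.free_ports = list(ports)  # small constructed pool of unique ports
        self.out: Dict[Tuple[Endpoint, Endpoint], int] = {}   # session -> external port
        self.back: Dict[Tuple[int, Endpoint], Endpoint] = {}  # (ext port, remote) -> interior

    def outbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite the source of an interior packet; None if no port is free."""
        key = (src, dst)
        if key not in self.out:
            if not self.free_ports:
                return None  # pool exhausted: the new session cannot be translated
            port = self.free_ports.pop(0)
            self.out[key] = port           # save the translated session
            self.back[(port, dst)] = src   # index it for return traffic
        return (self.external_ip, self.out[key]), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite the destination of a return packet; None means no state, drop."""
        if dst[0] != self.external_ip:
            return None
        interior = self.back.get((dst[1], src))
        return None if interior is None else (src, interior)


def demo():
    nat = NatTable("203.0.113.1")                    # constructed exterior address
    web = ("198.51.100.10", 443)                     # constructed remote server
    a = nat.outbound(("192.168.1.10", 51000), web)
    b = nat.outbound(("192.168.1.11", 51000), web)   # same source port, other host
    reply = nat.inbound(web, a[0])                   # matches the state table
    stray = nat.inbound(("198.51.100.99", 4444), a[0])  # no entry: dropped
    return a, b, reply, stray


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The `stray` packet returns `None` because nothing in the state table matches it, which is the behaviour behind the second bullet above.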

IP masquerading IS NOT a TRUE NAT implementation (Linux 2.2.x kernels).

Linux 2.4.x kernels use iptables, which provides NAT. It is TRUE NAT.
