2.1.4 Network Address Translation
NAT (network address translation) is an interesting trick that allows
Dick and Harry to connect to the Internet through Tom in our example.
An IP connection runs from a source port on the requesting
computer to a destination port on the destination computer. This means
that when Harry wants to connect to yahoo.com, it picks a source port,
say 15923, and attempts to connect to destination port 80 of
the IP address 66.94.234.13.
This is where it gets interesting. The following is the sequence of
events:
- Harry tries to connect from its IP address, 192.168.0.102, and
from port 15923, to port 80 of 66.94.234.13.
- Since 66.94.234.13 is not in the LAN, Harry decides to ask
Tom to "forward" the request. When Harry talks to Tom,
Tom's IP address is 192.168.0.100.
- Here comes the cool part. Tom receives the request from
Harry. Tom records both the port number (15923) and the
IP address (192.168.0.102) of Harry.
- Tom proceeds to forward the request (to connect) to the
Internet via its IP address 52.69.12.7, and a port that Tom
chooses, say 5829.
- Yahoo.com receives the request as if it originated
from Tom. Yahoo replies to Tom as 52.69.12.7 via port
5829.
- Tom recognizes that port 5829 corresponds to a forwarded
request from Harry via port 15923.
- Tom forwards the reply from yahoo.com (66.94.234.13) to
port 15923 of Harry (192.168.0.102).
- Harry receives the reply as if it received it directly from
yahoo.com.
The key to this trick is that Tom tracks the source port from
Harry, and translates that port to one of its own ports. This way,
all activity on Tom's exterior port (5829) is relayed to the
interior port (15923) on Harry, and vice versa.
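The sequence above can be traced with a small model of Tom's translation table. This is an added example, not code from the original notes; the `Nat` and `Packet` names, Dick's address 192.168.0.101, the sequential port allocation and the stray packet to port 6000 are assumptions made for illustration. It also shows two consequences of the table: two interior hosts using the same source port get distinct exterior ports, and a packet arriving on an exterior port with no recorded request has nowhere to be forwarded.

```python
from typing import NamedTuple, Optional

class Packet(NamedTuple):
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class Nat:
    """Simplified model of the port translation Tom performs."""

    def __init__(self, public_ip: str, first_port: int):
        self.public_ip = public_ip
        self.next_port = first_port   # assumption: ports handed out in sequence
        self.out_map = {}             # (interior ip, interior port) -> exterior port
        self.in_map = {}              # exterior port -> (interior ip, interior port)

    def outbound(self, pkt: Packet) -> Packet:
        """Rewrite a packet leaving the LAN and record the mapping."""
        key = (pkt.src_ip, pkt.src_port)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return pkt._replace(src_ip=self.public_ip, src_port=self.out_map[key])

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Rewrite a packet arriving from the Internet; None means dropped."""
        key = self.in_map.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or key is None:
            return None  # no recorded request, so nothing to forward to
        return pkt._replace(dst_ip=key[0], dst_port=key[1])

def demo():
    tom = Nat("52.69.12.7", first_port=5829)
    # Harry's request to yahoo.com, using the addresses from the text.
    seen_by_yahoo = tom.outbound(Packet("192.168.0.102", 15923, "66.94.234.13", 80))
    # Dick (constructed address) happens to pick the same source port.
    from_dick = tom.outbound(Packet("192.168.0.101", 15923, "66.94.234.13", 80))
    # Yahoo replies to whatever source address and port it saw.
    reply = Packet("66.94.234.13", 80, seen_by_yahoo.src_ip, seen_by_yahoo.src_port)
    seen_by_harry = tom.inbound(reply)
    # Constructed stray packet to an exterior port that was never allocated.
    stray = tom.inbound(Packet("66.94.234.13", 80, "52.69.12.7", 6000))
    return seen_by_yahoo, from_dick, seen_by_harry, stray

if __name__ == "__main__":
    labels = ("Yahoo sees Harry as", "Yahoo sees Dick as", "Harry receives", "Stray packet")
    for label, pkt in zip(labels, demo()):
        print(f"{label}: {pkt}")
```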
Note that there are different variants of NAT. For the purposes of this
class, however, we will not get into variants of NAT.
Copyright © 2006-05-10 by Tak Auyeung