Re: [leaf-user] Combining NAT with PAT

Thu, 06 Jun 2002 17:53:30 -0700 

On Thu, 6 Jun 2002, Nachman Yaakov Ziskind wrote:

> Omar D. Samuels wrote (on Thu, Jun 06, 2002 at 05:09:49PM -0500):
> | What do you mean, I still don't understand.
> | 
> | > | One learns something new everyday... does PAT stand for Private Address
> | > | Translation?
> | >
> | > NAT = Network Address Translation (one to one).
> | > PAT = Port Address Translation (one to many).
> | >
> | > | Is it different from NAR (Network Address Retention)?
> | >
> | > Dunno. :-)
> 
> In NAT, the router essentially changes the source IP number to some other
> (presumably better :-) one, and makes no other changes. So, your network
> address is hidden, but you still need one public IP address for every host on
> your network. 

I am not aware of how to do this in Linux.  The 2.0 kernel certainly
cannot, I vaguely recall hearing that it is possible with 2.2/ipchains,
and I think 2.4/iptables should be able to but cannot confirm.

More commonly, to get something approximating what you want a DMZ is set
up and either bridge/firewalled or proxyarp/firewalled.

> In PAT, the router changes the port number as well (to some random port
> number), and keeps track of a table consisting of: the original source IP
> number, and the port coded to the packet. The point is that the router can
> inspect the reply packet, check the table, and send it off to the machine that
> sent the source packet because it knows the port it arrived on. So, many hosts
> can use the same IP number.

This is called "masquerading" in Linux, and is quite well supported.

---------------------------------------------------------------------------
Jeff Newmiller                        The     .....       .....  Go Live...
DCN:<[EMAIL PROTECTED]>        Basics: ##.#.       ##.#.  Live Go...
                                      Live:   OO#.. Dead: OO#..  Playing
Research Engineer (Solar/Batteries            O.O#.       #.O#.  with
/Software/Embedded Controllers)               .OO#.       .OO#.  rocks...2k
---------------------------------------------------------------------------


_______________________________________________________________

Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html

Reply via email to