I have sort of a vague idea of how NAT (is that Network Address
Translation), and I'll describe it here in my own words:
Assume I have an Internet gateway box (call it IGateway, with two IPs,
192.168.0.10 on my local internet, and a dynamic IP on the Internet), a
workstation (call it WStation, with IP 192.168.0.1), and I want to talk
browse to the slashdot home page, www.slashdot.org, at IP 64.28.67.150.
My gateway runs NAT (IPRoute for Dos). Then (oversimplified):
1. Nobody on the Internet side of the gateway can initiate a connection
with me (because IPRoute is set up to disallow such connections).
2. When I initiate a connection to slashdot:
a. WStation sends a packet out its Ethernet port for 64.28.67.150. (Or
maybe it knows that 64.28.67.150 is outside the local LAN, so it sends
it to IGateway at 192.168.0.10??)
b. IGateway recognizes that the packet is for the Internet (i.e., not
for another box on the LAN), and forwards it out its (modem, dial up)
port to the Internet, after changing its return address from 192.168.0.1
to IGateway's dynamic IP address. IGateway makes a note that the
packets it sent to 64.28.67.150 came from 192.168.0.1.
c. The packet hops from place to place, finally arriving at
www.slashdot.org. www.slashdot.org then starts sending packet(s) back
my way, but they are addressed to the dynamic address of IGateway, not
to 192.168.0.1.
d. The return packet hops from place to place, finally arriving at
IGateway. IGateway notes that the packet came from 64.28.67.150 and
remembers that the packets sent to 64.28.67.150 came from 192.168.0.1.
Therefore, IGateway changes the destination on those packets from its
dynamic IP address to 192.168.0.1 and forwards them out the its LAN
Ethernet port to WStation.
I know the above is oversimplified, but I hope it's reasonably correct.
(I'm pretty sure I should have talked about sending packets to MAC
addresses at times, but I don't know or remember enough to do that, and
I think (??) this oversimplified view is adequate for my purposes.)
Now my question:
Can somebody tell me what is different about a proxy server? (In some
similar oversimplified but reasonably correct and adequate form)
Thanks,
Randy Kramer
