NAT protocol—how does a host with a private address communicate with the external network

Reprinted: https://blog.csdn.net/hanzhen7541/article/details/79064013
NAT (Network Address Translation) protocol: a protocol for converting between private addresses and global addresses.

First of all, what is a private address? A private address is an internal address that cannot be used on the Internet (routers discard packets addressed to it). Such addresses cannot be used on the public network and can only be used inside a local area network. There are three ranges of private addresses:

① 10.0.0.0~10.255.255.255/8
② 172.16.0.0~172.31.255.255/12
③ 192.168.0.0~192.168.255.255/16

These IP addresses are reserved for private networks. The counterpart of a private address is the global address: the ordinary address of a computer, one that the entire network recognizes. As an analogy, everyone has their own name and can be recognized by it wherever they go; that is their global address. A nickname used in class is the private address: only the people in the class know it, and no one outside the class knows who the nickname refers to.

Wouldn't it be better for everyone to have a global address? Why bother with a "nickname" internal address? The reason is the shortage of IPv4 addresses. Pressure on the IPv4 address space keeps growing as the number of users grows, but many private addresses can sit behind the IP address of a single router. External packets only need to find this router, and the router can find the real destination host and pass the packet to it. Each router can be assigned many private addresses, and the private addresses behind different routers can repeat, just as the "Ergouzi" of one class and the "Ergouzi" of the second class are not the same person. This address translation greatly increases the address capacity.

In addition, NAT also takes network security into account. The internal network has its own security requirements, so as long as the router does not forward packets that carry internal addresses, those packets will not easily reach the public network, which helps keep the internal network secure. The working process of NAT is as follows:

[Figure: the NAT working process]

Suppose a host with the private address 10.1.0.2 wants to access the Internet server 162.105.192.12. It first sends the packet to the NAT router. The router records the host's intranet address and port and assigns it a global address and global port; this mapping is recorded in the NAT routing table. The router then sends the packet on to the server according to the destination address. After a period of time, the server sends its response to the NAT router. The router looks up the destination address and port (which are global at this point) in the NAT routing table, converts them to the corresponding host address and port, and sends the packet to the host, so the host receives the server's response.

From this process you can see the role of the NAT router: replace the source address of the outbound packet; record the mapping in the NAT translation table; replace the destination address of the inbound packet. The NAT routing table is as follows:

[Figure: the NAT routing table]
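
The three router roles described above, as an added Python example that is not part of the original article. The global address 203.0.113.5, the port numbers, and the names `Packet`, `NatRouter`, `is_private` and `demo` are constructed for illustration; the table is keyed by global port only, with no protocol field or entry timeout.

```python
import ipaddress
from dataclasses import dataclass, replace

# The three private ranges listed in the article.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in PRIVATE_NETS)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class NatRouter:
    def __init__(self, global_ip, first_port=40000):
        self.global_ip = global_ip
        self.next_port = first_port
        self.out_map = {}  # (private ip, private port) -> global port
        self.in_map = {}   # global port -> (private ip, private port)

    def outbound(self, pkt):
        """Replace the source of an outbound packet and record the mapping."""
        if not is_private(pkt.src):
            return pkt  # source is already global, nothing to translate
        key = (pkt.src, pkt.sport)
        if key not in self.out_map:
            self.out_map[key] = self.next_port
            self.in_map[self.next_port] = key
            self.next_port += 1
        return replace(pkt, src=self.global_ip, sport=self.out_map[key])

    def inbound(self, pkt):
        """Replace the destination of an inbound packet, or drop it (None)."""
        entry = self.in_map.get(pkt.dport) if pkt.dst == self.global_ip else None
        if entry is None:
            return None  # no table entry: nothing is forwarded to the inside
        return replace(pkt, dst=entry[0], dport=entry[1])

def demo():
    nat = NatRouter("203.0.113.5")  # constructed global address
    out = nat.outbound(Packet("10.1.0.2", 5544, "162.105.192.12", 80))
    reply = nat.inbound(Packet("162.105.192.12", 80, out.src, out.sport))
    stray = nat.inbound(Packet("162.105.192.12", 80, "203.0.113.5", 41000))
    return out, reply, stray
```

The `stray` packet in `demo()` targets a global port with no table entry, so the router returns `None` instead of forwarding it to an internal host.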

Origin blog.csdn.net/chengcheng1024/article/details/112377738