Network Address Translation
- Network Address Transnation (NAT): hide the IP addresses of computers on the LAN but still enable those computers to communicate with the broader network
The Setup
- requires a block of unique IP addresses
- basic NAT: router replaces the source IP with its outside interface address on outgoing packets
- dynamic NAT: many computers can share a pool of routable IP addresses
Port Address Translation
- Port Address Translation (PAT): uses port numbers to map traffic from specific machines in the network
- when the receiving system sends the packet back it reverses the IP addresses and ports
Port Forwarding
- Static NAT: maps a single routable IP address to a single machine
- port forwarding: can designate a specific local address for various network services
-> computers outside the network can request a service using the public IP address and the port number for the service
-> can be used to hide a service hosted inside a network by changing the default port number
Configuring NAT
- by default, routers are set to Gateway which means NAT is turned on
Dynamic Routing
- routers have static routes
- most routers have the capability to update their routes dynamically
Routing Metrics
- metric: a relative value that routers use when they have more than one route to get to another network
- a router will choose the route with the lowest value IP address
- there is no single rule to set the metric value in a routing table
- Maximum Transmission Unit:
-> determines the largest frame a particular technology can handle
Distance Vector
- Distance Router:
-> calculate the total cost to get to a particular network ID and compare that cost to the total cost of all the other routes
- each distance vector routing protocol has a maximum number of hops that a router will send its routing table to keep traffic down
- convergence (steady state): the updating of the routing tables for all the routers has completed
RIPv1
- Routing Information Protocol(RIP): has a maximum hop count of 15
- variable-length subnet masking (VLSM): networks connected through the router using different subnet masks
RIPv2
- current version of RIP
- VLSM has been added and authentication is built into the protocol
- obsolete for small private WANs that consist of a few routers
It took me a long while to wrap my head around the word "port", which is used so often in networking without ever really describing (to my satisfaction, at least) what it is. In your notes today, for example, you mention port twice: "port address translation" (associated with basic NAT), and "port forwarding". As is often the case, I found the Wikipedia entry most helpful: http://en.wikipedia.org/wiki/Port_(computer_networking) . Reading the first paragraph of this definition reveals why it is such a difficult concept to grasp: "a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system." Yikes! Once again, I found setting up my home network to be the thing that helped me make sense of this. Let's start with NAT. I have a home network which shares a single IP address with about a dozen computing devices (my 4 laptops, my wife and son's laptops, our printer, my ipod touch, Android tablet, Kindel, etc.) How is this possible? Well, when the NAT box (our router) receives network packets from any of the devices on our little LAN, it does the following:
ReplyDelete1. assigns a port number to that machine's local IP address, and adds an entry to a table it keeps mapping NAT port numbers to local IPs.
2. replaces the unroutable local IP address with it's own routable IP address.
3. sends the packet on to its destination.
When it receives an incoming packet with one of the NATed port numbers, it:
1. looks up the local IP in the table mapping NATed ports to local IPs.
2. replaces its IP with the local one in the destination portion of the packet.
3. send the packet on to its local destination.
Pretty cool, right!?
Port forwarding, is related, but not exactly the same. Here a standard network port (like port 80, the http port, for example) is setup to be sent on to another machine in the network instead of handled by the router itself.
Remind me to draw you a quick diagram on the white board showing you how you can ssh into a router if the ssh port has been forwarded to another machine. Actually setting that up helped me wrap my head around how port forwarding works.