NAT功能与分类
来源:互联网 发布:sql查询重复值 编辑:程序博客网 时间:2024/05/20 18:45
Full Cone: A full cone NAT is one where all requests from the same internal IP address and port are mapped to the same external IP address and port. Furthermore, any external host can send a packet to the internal host, by sending a packet to the mapped external address. Restricted Cone: A restricted cone NAT is one where all requests from the same internal IP address and port are mapped to the same external IP address and port. Unlike a full cone NAT, an external host (with IP address X) can send a packet to the internal host only if the internal host had previously sent a packet to IP address X. Port Restricted Cone: A port restricted cone NAT is like a restricted cone NAT, but the restriction includes port numbers. Specifically, an external host can send a packet, with source IP address X and source port P, to the internal host only if the internal host had previously sent a packet to IP address X and port P. Symmetric: A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host.
RFC4787中,介绍了NAT的功能,将NAT功能分为两部分: mapping 和filtering
mapping指数据包出去时,如何映射为外网的ip+port;
filtering指当外面的数据包到达NAT时,决定是否将数据包转发进入内网pc.
The following address and port mapping behavior are defined:
Endpoint-Independent Mapping:
The NAT reuses the port mapping for subsequent packets sent
from the same internal IP address and port (X:x) to any
external IP address and port. Specifically, X1’:x1’ equals
X2’:x2’ for all values of Y2:y2.
Address-Dependent Mapping:
The NAT reuses the port mapping for subsequent packets sent
from the same internal IP address and port (X:x) to the same
external IP address, regardless of the external port.
Specifically, X1’:x1’ equals X2’:x2’ if and only if, Y2 equals
Y1.
Address and Port-Dependent Mapping:
The NAT reuses the port mapping for subsequent packets sent
from the same internal IP address and port (X:x) to the same
external IP address and port while the mapping is still active.
Specifically, X1’:x1’ equals X2’:x2’ if and only if, Y2:y2
equals Y1:y1.
The key behavior to describe is what criteria are used by the NAT to
filter packets originating from specific external endpoints.
Endpoint-Independent Filtering:
The NAT filters out only packets not destined to the internal
address and port X:x, regardless of the external IP address and
port source (Z:z). The NAT forwards any packets destined to
X:x. In other words, sending packets from the internal side of
the NAT to any external IP address is sufficient to allow any
packets back to the internal endpoint.
Address-Dependent Filtering:
The NAT filters out packets not destined to the internal
address X:x. Additionally, the NAT will filter out packets
from Y:y destined for the internal endpoint X:x if X:x has not
sent packets to Y:any previously (independently of the port
used by Y). In other words, for receiving packets from a
specific external endpoint, it is necessary for the internal
endpoint to send packets first to that specific external
endpoint’s IP address.
Address and Port-Dependent Filtering:
This is similar to the previous behavior, except that the
external port is also relevant. The NAT filters out packets
not destined for the internal address X:x. Additionally, the
NAT will filter out packets from Y:y destined for the internal
endpoint X:x if X:x has not sent packets to Y:y previously. In
other words, for receiving packets from a specific external
endpoint, it is necessary for the internal endpoint to send
packets first to that external endpoint’s IP address and port.
测试 NAT类型的工具:
1. http://nattest.net.in.tum.de/test.php
2. winstun,测试时使用stun服务器stun.iptel.org
- NAT功能与分类
- NAT分类
- NAT分类
- NAT分类
- NAT分类
- NAT分类
- NAT分类和利弊
- NAT 简介分类作用
- NAT与NAT穿透
- NAT与NAT穿透
- NAT与NAT穿透
- NAT与NAT穿透
- NAT与NAT穿越
- 【操作系统】操作系统的功能管理与分类
- JavaScript_Math函数与属性按功能分类
- Spark 中算子功能与分类介绍
- Spark 中算子功能与分类介绍
- 路由器NAT功能配置
- Google Map Android v2开发: 安装运行Google Map Android v2 示例程序
- Linux 创建LVM及扩展文件系统
- 西方为何超越了东方,而更野蛮的非洲被殖民了,而次大陆,南美没有
- php-rabbit扩展安装[最终成功版]
- js隐藏a标签超链接
- NAT功能与分类
- android surfaceflinger研究----Surface机制
- Linux下创建安装程序的快捷方式
- Android应用 程序框架设计方法
- c++虚表 内存分配
- UniSwf使用的基础教程
- 新版adt打包问题
- mysql update完root用户密码后,再登陆报错”Access denied for user 'root'@'localhost' (using password: YES)“的解决方法
- linux远程拷数据