VPN and Network Address Translation (NAT), Private Subnet, Private IP Addresses – equinux VPN Tracker 8.1.1 User Manual

VPN and Network Address Translation (NAT)

VPN Tracker provides reliable VPN connectivity, even through routers that
perform Network Address Translation (NAT). This chapter explains the technical
background of Network Address Translation, the different NAT-Traversal methods
available, and how VPN Tracker makes everything work seamlessly.

Private IP Addresses

In the early years of the Internet, each computer had a worldwide unique IP
address. When it became clear that the Internet was growing rapidly and
would soon run out of IP addresses, certain blocks of IP addresses were
reserved for use on private networks. These private IP addresses can be used
over and over again in different private networks; they do not have to be
unique worldwide.

The following IP address ranges are reserved for private use:

First IP Address    Last IP Address     Number of IP Addresses
192.168.0.0         192.168.255.255     65 536
10.0.0.0            10.255.255.255      16 777 216
172.16.0.0          172.31.255.255      1 048 576

Network Address Translation (NAT)

When a computer with a private IP address accesses the Internet, it sends the
request through its local router. The local router cannot simply forward the
request to the Internet: the sender’s private IP address is not unique outside
its particular private network – in fact there can be millions of computers on
the Internet worldwide that have the same private IP address at any given
moment! Instead, it makes a few changes to the sender’s information in the
request:

‣ It replaces the private IP address of the sender with its own public IP
address.

‣ If necessary, it changes the outgoing network port number so no other
computer communicating with the recipient of the request uses the same
network port (it also remembers which port was used by which computer
on its private network).

It then forwards the request to the Internet.

When responses come back, the process needs to be reversed. Responses will
come back on the same network port the request was sent out on. The router
can therefore easily look up which computer sent the original request.

‣ The router replaces the recipient of the response with the private IP
address of the computer that sent the original request.

‣ If it had to change the network port, the router puts back the original
network port.

It then forwards the response to its private network.

The entire process is called Network Address Translation (NAT). If you have a
DSL or wireless router (e.g. an AirPort Base Station) at home, it is very likely
performing Network Address Translation. In most offices, hotels, and Internet
cafes you will be connecting to a private network that has a NAT router for
accessing the Internet.