Napt, Internal server – H3C Technologies H3C S12500 Series Switches User Manual
Page 109
95
NOTE:
The number of public IP addresses that a NAT device needs is usually far less than the number of internal
hosts because not all internal hosts access external networks at the same time. The number of public IP
addresses is related to the number of internal hosts that might access external networks simultaneously
during peak hours.
NAPT
Network Address Port Translation (NAPT) is a variation of basic NAT. It allows multiple internal addresses
to be mapped to the same public IP address, which is called multiple-to-one NAT, or address
multiplexing.
NAPT mapping is based on both the IP address and the port number. With NAPT, packets from multiple
internal hosts are mapped to the same external IP address with different port numbers.
Figure 45 NAPT operation
As shown in
, three IP packets arrive at the NAT device. Packets 1 and 2 are from the same
internal address but have different source port numbers. Packets 1 and 3 are from different internal
addresses but have the same source port number. NAPT maps the three IP packets to the same external
address but with different source port numbers. Therefore, the packets can still be differentiated. When
receiving the response packets, the NAT device forwards them to the corresponding hosts according to
the destination addresses and port numbers.
NAPT can better utilize IP address resources, enabling more internal hosts to access the external network
at the same time.
Internal server
NAT hides the internal network structure, including the identities of internal hosts. However, some internal
hosts such as an internal web server or FTP server might need to be accessed by external hosts. NAT
meets this need by supporting internal servers.
You can configure an internal server on the NAT device by mapping a public IP address and port number
to the private IP address and port number of the internal server. For instance, you can configure an
address like 20.1.1.12:8080 as an internal web server’s external address and port number.
In
, when the NAT device receives a packet destined for the public IP address of an internal
server, it looks in the NAT entries and translates the destination address and port number in the packet
192.168.1.1
20.1.1.1
1.1.1.2
Server
NAT
Intranet
Internet
192.168.1.2
Host A
192.168.1.3
Host B
Packet 1
Src : 192.168.1.2:1111
Packet 2
Src : 192.168.1.2:2222
Packet 3
Src : 192.168.1.3:1111
Packet 1
Src : 20.1.1.1:1001
Packet 2
Src : 20.1.1.1:1002
Packet 3
Src : 20.1.1.1:1003
Before NAT
192.168.1.2:1111
After NAT
20.1.1.1:1001
Direction
Outbound
192.168.1.2:2222
20.1.1.1:1002
Outbound
192.168.1.3:1111
20.1.1.1:1003
Outbound