
4 nat-- network address translation – PLANET ADN-4000 User Manual

Page 57


3.3.4 NAT-- Network Address Translation

Overview

Setting up the NAT function

• The DSL Router comes equipped with the NAT (Network Address Translation) function. With address mapping, several users in the local network can access the Internet via one or more public IP addresses. By default, all local IP addresses are mapped to the router's public IP address.

• One of the characteristics of NAT is that data from the Internet is not allowed into the local network unless it has been explicitly requested by one of the PCs in the network. Most Internet applications can run behind the NAT firewall without any problems. For example, if you request Internet pages or send and receive e-mails, the request for data from the Internet comes from a PC in the local network, and so the router allows the data through. The router opens precisely one port for the application. A port in this context is an internal PC address, via which the data is exchanged between the Internet and a client on a PC in the local network. Communicating via a port is subject to the rules of a particular protocol (TCP or UDP).

• If an external application tries to send a call to a PC in the local network, the router will block it. There is no open port via which the data could enter the local network. Some applications, such as games on the Internet, require several links, i.e. several ports so that the players can communicate with each other. In addition, these applications must also be permitted to send requests from other users on the Internet to users in the local network. These applications cannot be run if Network Address Translation (NAT) has been activated.

• Using port forwarding (the forwarding of requests to particular ports) the router is forced to send requests from the Internet for a certain service, e.g. a game, to the appropriate port(s) on the PC on which the game is running. Port triggering is a special variant of port forwarding. Unlike port forwarding, the DSL Router forwards the data from the port block to the PC which has previously sent data to the Internet via a certain port (trigger port). This means that approval for the data transfer is not tied to one specific PC in the network, but rather to the port numbers of the required Internet service. Where configuration is concerned, this means: You have to define a so-called trigger port for the application and also the protocol (TCP or UDP) that this port uses. You then assign the public ports that are to be opened for the application to this trigger port.

• The router checks all outgoing data for the port number and protocol. If it identifies a match of port and protocol for a defined trigger
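
The three inbound cases described above (a reply to a request from the local network, a static port forward, a port trigger) can be modelled in a few lines. This is an added Python illustration, not code from the manual or the router's firmware; the class, addresses and port numbers are constructed. It assumes port-preserving NAT, a trigger matched on the destination port of outgoing data, and opened ports that use the same protocol as the trigger.

```python
# Toy model of the inbound decisions described in this section (added example).
# All names, addresses and ports are constructed for illustration.

class NatRouter:
    """Port-preserving NAT with static forwards and port triggers (simplified)."""

    def __init__(self):
        self.sessions = {}   # (proto, lan_port, remote_ip, remote_port) -> LAN host
        self.forwards = {}   # (proto, public_port) -> fixed LAN host
        self.triggers = {}   # (proto, trigger_port) -> public ports to open
        self.opened = {}     # (proto, public_port) -> LAN host that fired a trigger

    def outbound(self, host, proto, src_port, dst_ip, dst_port):
        # Every outgoing packet creates reply state for exactly that peer.
        self.sessions[(proto, src_port, dst_ip, dst_port)] = host
        # Assumption: the trigger port is matched against the destination port.
        for port in self.triggers.get((proto, dst_port), ()):
            self.opened[(proto, port)] = host

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Return (lan_host, reason), or (None, 'blocked')."""
        host = self.sessions.get((proto, dst_port, src_ip, src_port))
        if host:
            return host, "reply"
        if (proto, dst_port) in self.forwards:
            return self.forwards[(proto, dst_port)], "port-forward"
        if (proto, dst_port) in self.opened:
            return self.opened[(proto, dst_port)], "port-trigger"
        return None, "blocked"


def demo():
    r = NatRouter()
    r.forwards[("tcp", 8080)] = "192.168.1.10"      # constructed forward rule
    r.triggers[("udp", 6000)] = range(6100, 6103)   # constructed trigger rule
    out = []
    out.append(r.inbound("udp", "203.0.113.5", 4000, 6101))   # unsolicited, no rule
    out.append(r.inbound("tcp", "203.0.113.5", 4000, 8080))   # static forward
    # PC .20 sends to trigger port 6000: ports 6100-6102 now lead to .20.
    r.outbound("192.168.1.20", "udp", 50000, "198.51.100.7", 6000)
    out.append(r.inbound("udp", "198.51.100.7", 6000, 50000))  # reply to request
    out.append(r.inbound("udp", "203.0.113.5", 4000, 6101))    # triggered port
    # Another PC fires the same trigger; in this model it takes over the block.
    r.outbound("192.168.1.30", "udp", 50001, "198.51.100.7", 6000)
    out.append(r.inbound("udp", "203.0.113.5", 4000, 6101))
    return out

if __name__ == "__main__":
    for row in demo():
        print(row)
```

In this model a forwarded or triggered port accepts packets from any Internet sender, not only from the peer the PC contacted, so such rules are best limited to the ports the application actually needs.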
