NAT (Network Address Translation Technology) in detail, what is the difference between NAT and NAPT?

Intranet penetration, also known as NAT penetration, is a network address translation technology; NAT penetration is performed so that packets with a particular source IP address and source port number are not blocked by the NAT device and are correctly routed to the intranet host. In a data center network, intranet passthrough maps private addresses to the public network, and at the same time it solves the problem of IP address scarcity and meets the user's application requirements for IP addresses.

For the intranet penetration technology in the basic NAT and NAPT, as well as NAPT in the symmetric NAT and asymmetric NAT of the difference, you may not be very understanding, here I come to you in detail to say that these two types of intranet penetration.

In general, our data center servers are generally divided into two NICs, one to provide an intranet, one to provide an extranet, intranet access we generally use a private address, and extranet access using a public **** address. According to the current network development trend, the number of public **** addresses is limited, while the intranet uses a large number of private addresses, through the intranet penetration technology, you can realize the conversion of private and public addresses.

Intranet penetration technology is generally divided into two categories, one is the basic NAT, the other is NAPT. basic NAT is the private address into the public IP address, but will not be the TCP / UDP port information conversion, and there is a dynamic and static distinction. NAPT, however, is the more familiar translation method that maps private addresses to public network addresses, with the addition of TCP ports selected by the NAT device. Therefore, NAPT is also divided into symmetric NAT and asymmetric NAT.

Symmetric NAT

This type of NAT, also known as conical NAT, allows a private address device to connect to an outside server with a single IP address, and mapped on the NAT server No is the same IP address, in other words, the private address and the port have only a single NAT exit, belonging to a one-to-many relationship.

Asymmetric NAT

What is asymmetric NAT?In fact, conical NAT can also be called asymmetric NAT.Asymmetric NAT is the opposite of symmetric NAT in that it assigns a new port number to each new painting, whereas symmetric NAT does not guarantee consistency between private addresses and ports in a session.

Of course, NAT technology is more than just the above, it is a very diverse set of technologies, and different technologies are used for different network requirements. The peanut shells intranet penetration using intranet penetration technology is NAT-DDNS technology, mainly the use of shake the domain name service and network address translation server to achieve dynamic mapping of public and private networks. The technology and traditional DDNS technology compared to its difficulty factor is larger, mainly using the domain name + port access.

NAT is a necessary technology for data networks, it is often used in data centers at the exit of the network, to achieve the purpose of internal access to the outside of the data center, or external access to internal data traffic to go through the NAT device, to ensure that the security of access. Once the NAT problem, often cause network access obstacles, and even data security issues.

The function of intranet penetration can get rid of the problem of no public IP and NAT forwarding leading to unavailability, and at the same time, support for public IP resolution, solving the problem of dynamic domain name resolution faced by domestic users, but also allowing all friends in the Internet to access, very convenient.