SlideShare ist ein Scribd-Unternehmen logo

Nad710 Network Address Translation

Als PPT, PDF herunterladen
T
tmavroidis

Network Address Translation

Technologie
1 von 20
NAD710 - Introduction to Networks Using Linux   Network Address Translation May 28, 2003 Professor Tom Mavroidis
Introduction IP Internet has had two most significant problems: ,[object Object],[object Object],[object Object],The first short-term solution was: Two types of solutions proposed: short-term and long-term
The long-term solutions consist of various proposals for new Internet protocols with larger addresses (IPv6) When CIDR failed to further maintain the IP internet structure, there came another proposal : N A T NAT is not a very far reaching or long term solution But at least it is very fast, provides extra time until better solutions are designed and almost independent from the outer networks. Proposals
When is a NAT Solution Required ? ,[object Object],[object Object],[object Object],[object Object],[object Object]
NAT is translation of either a subset or all of the IP addresses in a sub domain to globally unique address(es). From an operational point of view, it is a function imposed on the router. That is a router on the gateway border to be configured as a Network Address Translator. What is NAT?
[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],Three Main Implementations
RFC 1631 RFC 2694 ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],The RFC’s are as follows
IP chains implementation ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
IP chains flow of events: Local processes CRC INPUT chain Inbound packet OK Malformed? garbage yes error Deny-reject Accept packet Routing algorithm Local destination Outbound packet Malformed? forwarded packet no no FORWARD chain Deny-reject yes Malformed? yes Outbound packet no OUTPUT chain Deny-reject Outbound packet
Enable IP forwarding for the kernel Execute: echo “1” > /proc/sys/net/ipv4/ip_forward Or make it permanent ( persistent between boots ) with assigning the variable IP_FORWARD = yes in /etc/sysconfig/sysctl file This will ensure basic router functionality Use /sbin/ipchains-save > afilename to save the rules Use /sbin/ipchains-restore < afilename to restore the rules To get this thing going
IP chains syntax ipchains –[flags] [input | outout | forward | custom_chain] [options] [action] ipchains –M [-L | -S] [options] A very simple example with IP Masquerading: ROUTER WITH NAT 10.1.1.1 eth1 202.7.1.19 eth0 Internet Internal net 10.0.0.0
IP tables with Netfilter ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
[object Object],Filter table: Local processes Routing algorithm FORWARD chain OUTPUT chain INPUT chain Inbound packet Outbound packet INBOUND PACKET FLOW INBOUND PACKET FLOW FROM A LOCAL PROCESS
[object Object],[object Object],nat table: Local processes Routing algorithm POSTROUTING chain OUTPUT chain PREROUTING chain Inbound packet Outbound packet INBOUND PACKET FLOW INBOUND PACKET FLOW FROM A LOCAL PROCESS
[object Object],mangle table: Local processes Routing algorithm OUTPUT chain PREROUTING chain Inbound packet Outbound packet INBOUND PACKET FLOW INBOUND PACKET FLOW FROM A LOCAL PROCESS
IP tables syntax iptables –[flags] [chain] [options [extentions] ] [action] Syntax and examples: A very simple example with Static IP Translation: ROUTER WITH NAT 10.1.1.1 eth1 202.7.1.19 eth0 www ftp 10.1.1.4 10.1.1.5 Internet Internal net 10.0.0.0/8
192.168.0.1 192.168.0.14 192.168.1.15 192.168.0 192.168.1 192.168.1.13 192.168.0.16 192.168.1.16 RedHat 6.2 RedHat 6.2 ROUTER running SuSE 8.0 Windows 98 Windows 98 10 mb/s repeater 100 mb/s switch
192.168.0.1 192.168.0.14 192.168.1.15 ROUTER with NAT running SuSE 8.0 192.168.0 192.168.1 192.168.1.13 192.168.0.16 192.168.0.15 192.168.0.13 192.168.1.16 internet Windows 98 with NAT ppp RedHat 6.2 RedHat 6.2 Windows 98 100 mb/s switch 10 mb/s repeater
Why – Why not? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Bibliography: ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Empfohlen

Network address translation
Network address translationNetwork address translation
Network address translationKarppinen Ngoc Anh
 
Network address translation pdf
Network address translation pdfNetwork address translation pdf
Network address translation pdfMadhusudhan Anand
 
network address translate
network address translate network address translate
network address translate ahmedOday
 
Network address translation
Network address translationNetwork address translation
Network address translationMohak Kaushik
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Dynamic NAT
Dynamic NATDynamic NAT
Dynamic NATNetProtocol Xpert
 
Network address translation
Network address translationNetwork address translation
Network address translationVarsha Honde
 
What is Network Address Translation (NAT)
What is Network Address Translation (NAT)What is Network Address Translation (NAT)
What is Network Address Translation (NAT)Amit Kumar , Jaipur Engineers
 

Empfohlen

Network address translation
Network address translationNetwork address translation
Network address translationKarppinen Ngoc Anh
 
Network address translation pdf
Network address translation pdfNetwork address translation pdf
Network address translation pdfMadhusudhan Anand
 
network address translate
network address translate network address translate
network address translate ahmedOday
 
Network address translation
Network address translationNetwork address translation
Network address translationMohak Kaushik
 
Network Address Translation (NAT)
Network Address Translation (NAT)Network Address Translation (NAT)
Network Address Translation (NAT)Joud Khattab
 
Dynamic NAT
Dynamic NATDynamic NAT
Dynamic NATNetProtocol Xpert
 
Network address translation
Network address translationNetwork address translation
Network address translationVarsha Honde
 
What is Network Address Translation (NAT)
What is Network Address Translation (NAT)What is Network Address Translation (NAT)
What is Network Address Translation (NAT)Amit Kumar , Jaipur Engineers
 
Nat
NatNat
NatHumaira Saleem
 
Nat pat
Nat patNat pat
Nat patCYBERINTELLIGENTS
 
Static NAT
Static NATStatic NAT
Static NATNetProtocol Xpert
 
Nat presentation
Nat presentationNat presentation
Nat presentationhassoon3
 
IP adress and routing(networking)
IP adress and routing(networking)IP adress and routing(networking)
IP adress and routing(networking)welcometofacebook
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
Internet Protocol Address
Internet Protocol AddressInternet Protocol Address
Internet Protocol Addressadil raja
 
What is a static ip address
What is a static ip addressWhat is a static ip address
What is a static ip addressHexa Howe
 
Unit 2 : Internet Address
Unit 2 : Internet AddressUnit 2 : Internet Address
Unit 2 : Internet AddressChandan Gupta Bhagat
 
Internet protocol (ip)
Internet protocol (ip)Internet protocol (ip)
Internet protocol (ip)junnubabu
 
Ipv4 and Ipv6
Ipv4 and Ipv6Ipv4 and Ipv6
Ipv4 and Ipv6Rishav Bhurtel
 
IPV4 vs IPV6
IPV4 vs IPV6IPV4 vs IPV6
IPV4 vs IPV6Devang Doshi
 
Ip v4 & ip v6
Ip v4 & ip v6Ip v4 & ip v6
Ip v4 & ip v6Ronan Dunne, CEH, SSCP
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6mithilak
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
Ipv4
Ipv4Ipv4
Ipv4asimnawaz54
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6Ankita Mahajan
 
IPv4 and IPv6
IPv4 and IPv6IPv4 and IPv6
IPv4 and IPv6saurav kumar mourya
 
IPv4 VS IPv6
IPv4 VS IPv6IPv4 VS IPv6
IPv4 VS IPv6Humayra Khanum
 
Mac Filtering
Mac FilteringMac Filtering
Mac FilteringDevang Doshi
 
CCNA
CCNACCNA
CCNAAbhishek Parihari
 
Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slidesadam_merritt
 

Weitere ähnliche Inhalte

Was ist angesagt?

Nat presentation
Nat presentationNat presentation
Nat presentationhassoon3
 
IP adress and routing(networking)
IP adress and routing(networking)IP adress and routing(networking)
IP adress and routing(networking)welcometofacebook
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)Netwax Lab
 
Internet Protocol Address
Internet Protocol AddressInternet Protocol Address
Internet Protocol Addressadil raja
 
What is a static ip address
What is a static ip addressWhat is a static ip address
What is a static ip addressHexa Howe
 
Internet protocol (ip)
Internet protocol (ip)Internet protocol (ip)
Internet protocol (ip)junnubabu
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6mithilak
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address TranslationEng. Emad Al-Atoum
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6Ankita Mahajan
 

Was ist angesagt? (20)

Nat
NatNat
Nat
 
Nat pat
Nat patNat pat
Nat pat
 
Static NAT
Static NATStatic NAT
Static NAT
 
Nat presentation
Nat presentationNat presentation
Nat presentation
 
IP adress and routing(networking)
IP adress and routing(networking)IP adress and routing(networking)
IP adress and routing(networking)
 
NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)NAT (network address translation) & PAT (port address translation)
NAT (network address translation) & PAT (port address translation)
 
Internet Protocol Address
Internet Protocol AddressInternet Protocol Address
Internet Protocol Address
 
What is a static ip address
What is a static ip addressWhat is a static ip address
What is a static ip address
 
Unit 2 : Internet Address
Unit 2 : Internet AddressUnit 2 : Internet Address
Unit 2 : Internet Address
 
Internet protocol (ip)
Internet protocol (ip)Internet protocol (ip)
Internet protocol (ip)
 
Ipv4 and Ipv6
Ipv4 and Ipv6Ipv4 and Ipv6
Ipv4 and Ipv6
 
IPV4 vs IPV6
IPV4 vs IPV6IPV4 vs IPV6
IPV4 vs IPV6
 
Ip v4 & ip v6
Ip v4 & ip v6Ip v4 & ip v6
Ip v4 & ip v6
 
IPv4 to IPv6
IPv4 to IPv6IPv4 to IPv6
IPv4 to IPv6
 
NAT- Network Address Translation
NAT- Network Address TranslationNAT- Network Address Translation
NAT- Network Address Translation
 
Ipv4
Ipv4Ipv4
Ipv4
 
IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6IPv6: Internet Protocol version 6
IPv6: Internet Protocol version 6
 
IPv4 and IPv6
IPv4 and IPv6IPv4 and IPv6
IPv4 and IPv6
 
IPv4 VS IPv6
IPv4 VS IPv6IPv4 VS IPv6
IPv4 VS IPv6
 
Mac Filtering
Mac FilteringMac Filtering
Mac Filtering
 

Ähnlich wie Nad710 Network Address Translation

Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slidesadam_merritt
 
Netfilter: Making large iptables rulesets scale
Netfilter: Making large iptables rulesets scaleNetfilter: Making large iptables rulesets scale
Netfilter: Making large iptables rulesets scalebrouer
 
Short Introduction to IPv6
Short Introduction to IPv6Short Introduction to IPv6
Short Introduction to IPv6Martin Schütte
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxjasembo
 
ccna project on topic company infrastructure
ccna project on topic company infrastructureccna project on topic company infrastructure
ccna project on topic company infrastructurePrince Gautam
 
cFrame framework slides
cFrame framework slidescFrame framework slides
cFrame framework slideskestasj
 
Improving Network Efficiency with Simplemux
Improving Network Efficiency with SimplemuxImproving Network Efficiency with Simplemux
Improving Network Efficiency with SimplemuxJose Saldana
 
1-Isp-Network-Design-1
1-Isp-Network-Design-11-Isp-Network-Design-1
1-Isp-Network-Design-1Justin Knight
 
Networking in Gnu/Linux
Networking in Gnu/LinuxNetworking in Gnu/Linux
Networking in Gnu/LinuxAhmed Mekkawy
 
Session 2 Tp 2
Session 2 Tp 2Session 2 Tp 2
Session 2 Tp 2githe26200
 
Link i pv4
Link i pv4Link i pv4
Link i pv4NARESH A
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...Tarun Khaneja
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) pptDulith Kasun
 
Tcp ip management &amp; security
Tcp ip management &amp; securityTcp ip management &amp; security
Tcp ip management &amp; securityAsif Qureshi
 

Ähnlich wie Nad710 Network Address Translation (20)

CCNA
CCNACCNA
CCNA
 
Training Day Slides
Training Day SlidesTraining Day Slides
Training Day Slides
 
TCP/IP Basics
TCP/IP BasicsTCP/IP Basics
TCP/IP Basics
 
Netfilter: Making large iptables rulesets scale
Netfilter: Making large iptables rulesets scaleNetfilter: Making large iptables rulesets scale
Netfilter: Making large iptables rulesets scale
 
Short Introduction to IPv6
Short Introduction to IPv6Short Introduction to IPv6
Short Introduction to IPv6
 
Sharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linuxSharing your-internet-connection-on-linux
Sharing your-internet-connection-on-linux
 
Ccna Imp Guide
Ccna Imp GuideCcna Imp Guide
Ccna Imp Guide
 
ccna project on topic company infrastructure
ccna project on topic company infrastructureccna project on topic company infrastructure
ccna project on topic company infrastructure
 
Ccna pres
Ccna presCcna pres
Ccna pres
 
cFrame framework slides
cFrame framework slidescFrame framework slides
cFrame framework slides
 
Improving Network Efficiency with Simplemux
Improving Network Efficiency with SimplemuxImproving Network Efficiency with Simplemux
Improving Network Efficiency with Simplemux
 
1-Isp-Network-Design-1
1-Isp-Network-Design-11-Isp-Network-Design-1
1-Isp-Network-Design-1
 
Networking in Gnu/Linux
Networking in Gnu/LinuxNetworking in Gnu/Linux
Networking in Gnu/Linux
 
Session 2 Tp 2
Session 2 Tp 2Session 2 Tp 2
Session 2 Tp 2
 
Link i pv4
Link i pv4Link i pv4
Link i pv4
 
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
ccna summer training ppt ( Cisco certified network analysis) ppt. by Traun k...
 
Internet protocol (ip) ppt
Internet protocol (ip) pptInternet protocol (ip) ppt
Internet protocol (ip) ppt
 
Internet protocol
Internet protocolInternet protocol
Internet protocol
 
Tcp ip management &amp; security
Tcp ip management &amp; securityTcp ip management &amp; security
Tcp ip management &amp; security
 
L6 6 lowpan
L6 6 lowpanL6 6 lowpan
L6 6 lowpan
 

Mehr von tmavroidis

What Is Tcp Ip
What Is Tcp IpWhat Is Tcp Ip
What Is Tcp Iptmavroidis
 
Transport Layer
Transport LayerTransport Layer
Transport Layertmavroidis
 
Tcp Udp Icmp And The Transport Layer
Tcp Udp Icmp And The Transport LayerTcp Udp Icmp And The Transport Layer
Tcp Udp Icmp And The Transport Layertmavroidis
 
Splitting A Class C Network Into 4 Subnets
Splitting A Class C Network Into 4 SubnetsSplitting A Class C Network Into 4 Subnets
Splitting A Class C Network Into 4 Subnetstmavroidis
 
Physical And Data Link Layers
Physical And Data Link LayersPhysical And Data Link Layers
Physical And Data Link Layerstmavroidis
 
Network Basics
Network BasicsNetwork Basics
Network Basicstmavroidis
 
Nad710 Introduction To Networks Using Linux
Nad710 Introduction To Networks Using LinuxNad710 Introduction To Networks Using Linux
Nad710 Introduction To Networks Using Linuxtmavroidis
 
Manchester Encoding
Manchester EncodingManchester Encoding
Manchester Encodingtmavroidis
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commandstmavroidis
 
Ip Addressing Basics
Ip Addressing BasicsIp Addressing Basics
Ip Addressing Basicstmavroidis
 
Introduction To Networks Using Linux
Introduction To Networks Using LinuxIntroduction To Networks Using Linux
Introduction To Networks Using Linuxtmavroidis
 
Introduction To Networks
Introduction To NetworksIntroduction To Networks
Introduction To Networkstmavroidis
 
Dynamic Routing
Dynamic RoutingDynamic Routing
Dynamic Routingtmavroidis
 
About Connection Types
About Connection TypesAbout Connection Types
About Connection Typestmavroidis
 
What Is A Carrier
What Is A CarrierWhat Is A Carrier
What Is A Carriertmavroidis
 

Mehr von tmavroidis (18)

What Is Tcp Ip
What Is Tcp IpWhat Is Tcp Ip
What Is Tcp Ip
 
Transport Layer
Transport LayerTransport Layer
Transport Layer
 
Tcp Udp Icmp And The Transport Layer
Tcp Udp Icmp And The Transport LayerTcp Udp Icmp And The Transport Layer
Tcp Udp Icmp And The Transport Layer
 
Splitting A Class C Network Into 4 Subnets
Splitting A Class C Network Into 4 SubnetsSplitting A Class C Network Into 4 Subnets
Splitting A Class C Network Into 4 Subnets
 
Samba
SambaSamba
Samba
 
Physical And Data Link Layers
Physical And Data Link LayersPhysical And Data Link Layers
Physical And Data Link Layers
 
Nfs
NfsNfs
Nfs
 
Network Basics
Network BasicsNetwork Basics
Network Basics
 
Nad710 Introduction To Networks Using Linux
Nad710 Introduction To Networks Using LinuxNad710 Introduction To Networks Using Linux
Nad710 Introduction To Networks Using Linux
 
Manchester Encoding
Manchester EncodingManchester Encoding
Manchester Encoding
 
Linux Networking Commands
Linux Networking CommandsLinux Networking Commands
Linux Networking Commands
 
Ip Addressing Basics
Ip Addressing BasicsIp Addressing Basics
Ip Addressing Basics
 
Introduction To Networks Using Linux
Introduction To Networks Using LinuxIntroduction To Networks Using Linux
Introduction To Networks Using Linux
 
Introduction To Networks
Introduction To NetworksIntroduction To Networks
Introduction To Networks
 
Dynamic Routing
Dynamic RoutingDynamic Routing
Dynamic Routing
 
Dns
DnsDns
Dns
 
About Connection Types
About Connection TypesAbout Connection Types
About Connection Types
 
What Is A Carrier
What Is A CarrierWhat Is A Carrier
What Is A Carrier
 

Kürzlich hochgeladen

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 

Kürzlich hochgeladen (20)

Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 

Nad710 Network Address Translation

  • 1. NAD710 - Introduction to Networks Using Linux   Network Address Translation May 28, 2003 Professor Tom Mavroidis
  • 2.
  • 3. The long-term solutions consist of various proposals for new Internet protocols with larger addresses (IPv6) When CIDR failed to further maintain the IP internet structure, there came another proposal : N A T NAT is not a very far reaching or long term solution But at least it is very fast, provides extra time until better solutions are designed and almost independent from the outer networks. Proposals
  • 4.
  • 5. NAT is translation of either a subset or all of the IP addresses in a sub domain to globally unique address(es). From an operational point of view, it is a function imposed on the router. That is a router on the gateway border to be configured as a Network Address Translator. What is NAT?
  • 6.
  • 7.
  • 8.
  • 9. IP chains flow of events: Local processes CRC INPUT chain Inbound packet OK Malformed? garbage yes error Deny-reject Accept packet Routing algorithm Local destination Outbound packet Malformed? forwarded packet no no FORWARD chain Deny-reject yes Malformed? yes Outbound packet no OUTPUT chain Deny-reject Outbound packet
  • 10. Enable IP forwarding for the kernel Execute: echo “1” > /proc/sys/net/ipv4/ip_forward Or make it permanent ( persistent between boots ) with assigning the variable IP_FORWARD = yes in /etc/sysconfig/sysctl file This will ensure basic router functionality Use /sbin/ipchains-save > afilename to save the rules Use /sbin/ipchains-restore < afilename to restore the rules To get this thing going
  • 11. IP chains syntax ipchains –[flags] [input | outout | forward | custom_chain] [options] [action] ipchains –M [-L | -S] [options] A very simple example with IP Masquerading: ROUTER WITH NAT 10.1.1.1 eth1 202.7.1.19 eth0 Internet Internal net 10.0.0.0
  • 12.
  • 13.
  • 14.
  • 15.
  • 16. IP tables syntax iptables –[flags] [chain] [options [extentions] ] [action] Syntax and examples: A very simple example with Static IP Translation: ROUTER WITH NAT 10.1.1.1 eth1 202.7.1.19 eth0 www ftp 10.1.1.4 10.1.1.5 Internet Internal net 10.0.0.0/8
  • 17. 192.168.0.1 192.168.0.14 192.168.1.15 192.168.0 192.168.1 192.168.1.13 192.168.0.16 192.168.1.16 RedHat 6.2 RedHat 6.2 ROUTER running SuSE 8.0 Windows 98 Windows 98 10 mb/s repeater 100 mb/s switch
  • 18. 192.168.0.1 192.168.0.14 192.168.1.15 ROUTER with NAT running SuSE 8.0 192.168.0 192.168.1 192.168.1.13 192.168.0.16 192.168.0.15 192.168.0.13 192.168.1.16 internet Windows 98 with NAT ppp RedHat 6.2 RedHat 6.2 Windows 98 100 mb/s switch 10 mb/s repeater
  • 19.
  • 20.