Re: NAT via VPN :)
- From
- Aleksey Sobolev (2:5056/12.43)
- To
- Andrew Lepilin (2:5054/37.63)
- Date
- 2005-03-14T15:11Z
- Area
- RU.WINDOWS.NT.ADMIN
Hello, Andrew
Not so long ago (12 Mar 05) you wrote to me:
AL> Hi.
AL> Aleksey Sobolev -> Andrew Lepilin:
AS >> Интересно во многих подобных письмах употребляется NAT. Я
AS >> понимаю в смысле MASCARADING (не помню как точно пишется :)
AS >> Т.е. трансляция многие к одному адресу. Так ли это? NAT imho
AS >> - трансляция многие ко многим...
AL> Маскарадинг - одна из форм NAT (последний абзац). (Цитируется MS Press. MS
AL> Encyclopedia of Networking, 2ed)
AL> Overview
AL> Network address translation (NAT) is a mechanism for translating the IP
AL> addresses of hosts on one network into IP addresses belonging to a
AL> different network. NAT is usually used at the boundary of two networks,
AL> especially where a private network such as a corporate network meets a
AL> public network such as the Internet.
<Поскипано>
AL> Another popular form of dynamic NAT is called address overloading,
AL> masquerading, port address translation (PAT), or network address port
AL> translation (NAPT). In this situation all the IP addresses of the internal
AL> private network are hidden to outsiders, who can access only the single IP
AL> address of the interface exposed to the public network. Address
AL> overloading thus employs many-to- one mappings of IP addresses and is used
AL> when the number of internal addresses is greater than the available number
AL> of global addresses. Address overloading differs from standard NAT in that
AL> port numbers are also translated, not just IP addresses. For example, it
AL> is possible to multiplex many TCP connections through a single global
AL> IP address by assigning each connection a different port number. These
AL> numbers might be chosen, for example, from the range 61,000 through
AL> 65,096, which would allow up to 4096 simultaneous TCP connections through
AL> a single overloaded IP address. Address overloading is often used by
AL> firewalls and sometimes for load balancing Web servers.
Спасибо за тех. статью. Мои слова по сути не противоречат. IMHO понятие NAT используется почти всегда даже когда юзается его частный случай. Думаю это не суть. Вопрос снят.
Best regards, aLANs
--- GoldED/W32 3.0.1-asa9 SR1
* Origin: Без пруда не вытащить и рыбку из него. (FIDO 2:5056/12.43)
SEEN-BY: 46/50 292/100 400/814 450/186 208 247 1024 452/25 160 454/9 455/15
SEEN-BY: 460/15 461/33 74 77 106 640 462/30 464/34 465/62 92 204 469/125
SEEN-BY: 478/40 44 65 550/150 5068 2432/200 2437/335 4600/126 4614/9 4623/56
SEEN-BY: 4623/178 4625/9 4626/100 4632/10 4635/4 99 1024 4641/444 4657/9
SEEN-BY: 5000/5000 5001/90 5001 5002/76 5002 5003/34 57 5010/87 146 5011/12 13
SEEN-BY: 5015/4 10 28 5019/5 31 5020/35 52 115 128 139 150 154 175 378 400 486
SEEN-BY: 5020/545 600 639 642 647 715 755 758 794 817 830 921 968 982 1002
SEEN-BY: 5020/1100 1169 1212 1234 1371 1604 1626 1642 1724 1930 2020 2200 2204
SEEN-BY: 5020/2208 2238 2587 2590 2871 4400 4441 12000 5021/11 29 44 5022/5
SEEN-BY: 5022/128 5023/11 5024/1 73 5025/3 750 5026/10 49 5027/16 5028/63
SEEN-BY: 5030/49 69 115 195 382 436 473 611 920 966 1016 1339 1900 5031/47 70
SEEN-BY: 5032/11 16 23 5033/5 21 35 46 5034/8 5035/38 5036/13 5037/21 5040/33
SEEN-BY: 5040/47 59 5041/4 5042/13 5045/7 5047/43 47 5049/97 157 5050/9 41
SEEN-BY: 5051/35 5053/16 5054/1 4 5 8 9 37 45 50 63 67 81 84 5055/17 95
SEEN-BY: 5056/12 14 16 25 27 30 38 40 49 52 5058/77 5059/20 5063/5 51 5064/7
SEEN-BY: 5064/35 36 53 5067/2 5069/7 5070/26 66 948 1222 5071/22 5075/37
SEEN-BY: 5077/80 5079/49 5080/80 1003 5082/6 5083/13 21 5085/13 5090/23 105
SEEN-BY: 5090/106 5093/4 23 27 33 5095/20 5096/18 5099/4 11 133 5100/113
SEEN-BY: 6000/12 254 6033/2727 6035/9 6045/7 6055/86 6070/5 228 6096/10
�PATH: 5056/12 16 5020/52 4441 545 5054/1 37