Manual:IP/Firewall/NAT: Difference between revisions
Jump to navigation
Jump to search
m Firewall nat moved to Firewall/NAT |
No edit summary |
||
Line 4: | Line 4: | ||
<p><b>Sub-menu:</b> <code>/ip firewall nat</code></p> | <p><b>Sub-menu:</b> <code>/ip firewall nat</code></p> | ||
<br /> | <br /> | ||
Network Address Translation is an Internet standard that allows hosts on local area networks to use one set of IP addresses for internal communications and another set of IP addresses for external communications. A LAN that uses NAT is referred as natted network. For NAT to function, there should be a NAT gateway in each natted network. The NAT gateway (NAT router) performs IP address rewriting on the way a packet travel from/to LAN. | |||
<br /> | |||
<br /> | |||
There are two types of NAT: | |||
<ul> | |||
: <li> <b>source NAT or srcnat.</b> This type of NAT is performed on packets that are originated from a natted network. A NAT router replaces the private source address of an IP packet with a new public IP address as it travels through the router. A reverse operation is applied to the reply packets travelling in the other direction. | |||
: <li> <b>destination NAT or dstnat.</b> This type of NAT is performed on packets that are destined to the natted network. It is most comonly used to make hosts on a private network to be acceesible from the Internet. A NAT router performing dstnat replaces the destination IP address of an IP packet as it travel through the router towards a private network. | |||
</ul> | |||
</div> | </div> | ||
[[Category:Manual]] | [[Category:Manual]] | ||
[[Category:Unfinished]] | [[Category:Unfinished]] |
Revision as of 14:30, 30 September 2009
Summary
Sub-menu: /ip firewall nat
Network Address Translation is an Internet standard that allows hosts on local area networks to use one set of IP addresses for internal communications and another set of IP addresses for external communications. A LAN that uses NAT is referred as natted network. For NAT to function, there should be a NAT gateway in each natted network. The NAT gateway (NAT router) performs IP address rewriting on the way a packet travel from/to LAN.
There are two types of NAT:
- source NAT or srcnat. This type of NAT is performed on packets that are originated from a natted network. A NAT router replaces the private source address of an IP packet with a new public IP address as it travels through the router. A reverse operation is applied to the reply packets travelling in the other direction.
- destination NAT or dstnat. This type of NAT is performed on packets that are destined to the natted network. It is most comonly used to make hosts on a private network to be acceesible from the Internet. A NAT router performing dstnat replaces the destination IP address of an IP packet as it travel through the router towards a private network.