| Bill Jonas on Sun, 10 Feb 2002 23:04:53 -0500 |
|
On Sun, Feb 10, 2002 at 07:43:40PM -0500, Jon Galt wrote: > What does "nat in both directions" mean? For that matter, what does "nat" > mean? Just that. You have a one-to-one mapping of external IP addresses to internal IP addresses. Suppose you had an IP address for each machine on your network. Well, you could give them all RFC1918 (private) addresses so that they can't be reached except through the firewall. A friend of mine gave me this more useful example. Suppose an office switches ISPs, but they have all their machines statically configured, and they don't want to have to renumber all their machines just yet. (Let's say, for argument's sake, that they've been with this ISP for several years, before DHCP became prevalent.) Let's say the old IP block is 12.23.56.0/24 and the new block is 23.45.67.0/24. You could set up a machine to translate between the old and the new addresses. (You may wonder how they would reach the next entity to be assigned 12.34.56.0/24. With some additional mangling (this would have to intercept DNS requests and such, or use their own specially-configured DNS server), you could pretend that to the machines inside the network, 12.34.56.0/24 is actually in private address space, which would then get translated upon egress from the LAN.) -- Bill Jonas * bill@billjonas.com * http://www.billjonas.com/ Developer/SysAdmin for hire! See http://www.billjonas.com/resume.html Attachment:
pgp1GWrdTYFTs.pgp
|
|