Sunday, November 18, 2012

On proxy servers, IP masquerading and Network Address Translation


IP Masquerading

The network uses one public IP address to access the Internet. The MASQ server rewrites the source IP address of each outgoing request from an internal host to that public IP address, so that all requests appear to originate from one host. The internal hosts are configured to use the MASQ server as their Internet gateway.

Proxy Servers

Internal hosts route all their Internet traffic via the proxy server. The proxy server receives requests from the internal hosts and re-initiates them as requests from the server itself. Destination addresses in the replies are converted back to that of the originating internal host. All applications in the internal network must support proxy services and be configured with the proxy settings. In addition, proxy servers may also support caching of web pages, which reduces the Internet bandwidth consumed and improves speed from the client's point of view.

On many networks, MASQ and proxy services are provided on the same servers.

Network Address Translation

The NAT server contains a pool of public IP addresses provided by the Internet Service Provider. Whenever an Internet request is received from an internal host, the internal private IP is associated with an unused public IP from the pool, via which responses are received. When an associated IP address remains unused for a predetermined amount of time, it is returned to the pool of unused public addresses.
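The pool behaviour described above, modelled as an added example that is not part of the original post. The class and method names are hypothetical, replies are assumed to refresh the idle timer, and the bind/release log with `who_had` goes beyond the text to show how a public address seen in an external log can be attributed to an internal host at a given time.

```python
from typing import Dict, List, Optional, Tuple

class DynamicNatPool:
    """Toy model of pool-based NAT: one public IP per active internal host."""

    def __init__(self, public_ips: List[str], idle_timeout: float):
        self.free: List[str] = list(public_ips)            # unused public addresses
        self.idle_timeout = idle_timeout                   # seconds before reclaim
        self.bindings: Dict[str, Tuple[str, float]] = {}   # private -> (public, last use)
        self.log: List[Tuple[float, str, str, str]] = []   # (time, event, private, public)

    def _expire(self, now: float) -> None:
        """Return bindings idle for longer than the timeout to the free pool."""
        for private, (public, last_used) in list(self.bindings.items()):
            if now - last_used > self.idle_timeout:
                del self.bindings[private]
                self.free.append(public)
                self.log.append((now, "release", private, public))

    def translate_outbound(self, private: str, now: float) -> Optional[str]:
        """Pick the public source IP for a request; None means pool exhausted."""
        self._expire(now)
        if private in self.bindings:
            public, _ = self.bindings[private]
        elif self.free:
            public = self.free.pop(0)
            self.log.append((now, "bind", private, public))
        else:
            return None
        self.bindings[private] = (public, now)             # refresh idle timer
        return public

    def translate_inbound(self, public: str, now: float) -> Optional[str]:
        """Map a reply's destination back to the internal host, if still bound."""
        self._expire(now)
        for private, (bound, _) in self.bindings.items():
            if bound == public:
                self.bindings[private] = (bound, now)      # assumption: replies count as use
                return private
        return None                                        # no binding: reply is dropped

    def who_had(self, public: str, at: float) -> Optional[str]:
        """Replay the bind/release log to attribute a public IP at a past time."""
        holder = None
        for when, event, private, pub in self.log:
            if when > at:
                break
            if pub == public:
                holder = private if event == "bind" else None
        return holder
```

Because a public address is reassigned after the idle timeout, the address alone does not identify an internal host; the timestamped binding log is what makes later attribution possible.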

See: http://tldp.org/HOWTO/IP-Masquerade-HOWTO/what-is-masq.html
