Well, since I've asked the question, here is what I've learned. IP Masq is
a "subset" of NAT. :) (Any questions) :)
NAT, network address translation. I can have a one to one NAT, meaning for
every ip address I have on the inside there is a corresponding ip address
that it gets mapped to on the router/firewall on the outside. I can also
have a one to many NAT meaning that for every IP address I have on the
inside it gets mapped to one ip address on the outside. IP Masq is linux's
way of saying the latter. NAT is the generic term and IP masq is a linux
specific term. At least that's my .02 cents worth.
Michael
On Thu, 20 Jan 2000, Mike Machado wrote:
> My bad. I was explaining PAT (port address translation). Same effect, different
> approach. Thats right, IP Masq uses TCP/IP headers to deturmin its stuff.
>
> Quoting Sean-Paul Rees <sean@dreamfire.net>:
>
> > Mike Machado wrote:
> > >
> > > Technically NAT is having MORE THAN ONE IP on the outside network that
> > > gets translated to a different IP on the inside.
> > > Most think that there is only one real IP on the outside, but true NAT
> > > has more than one IP. IP Masquerading utilizes TCP ports to keep track
> > > of what internal IP is doing a request and then using the ONE REAL IP
> > > issues a request on the net. Once it gets the response, it knows who is
> > > who because of the unique sending port from the internal client and
> > > forwards the data back to that user. Anyone have different opinions?
> >
> > Dunno there Mike. I run NAT (FreeBSD's natd) for my cable modem. I have
> > a RFC1918 network on the inside and a single IP on the outside. I'm not
> > sure that it determines the connection by port... I heard somewhere
> > that FreeBSD's NAT sticks a specialized little "tag" on the connection
> > and when that "tag" comes back from the outside host it knows where to
> > route.
> >
> > As for the difference between IPMasq and NAT... IP Masq is very hard to
> > setup and configure compared to FreeBSD's NAT :-)
> >
> > Cheers,
> > Sean
> > ****************************************************************************
> > * To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
> > * in the message body to majordomo@saclug.org. Please direct other
> > * questions, comments, or problems to lug-nuts-owner@saclug.org.
> >
>
>
>
> Mike Machado
> mike@innercite.com
> InnerCite
> Network Specialist
> ****************************************************************************
> * To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
> * in the message body to majordomo@saclug.org. Please direct other
> * questions, comments, or problems to lug-nuts-owner@saclug.org.
>
****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
* in the message body to majordomo@saclug.org. Please direct other
* questions, comments, or problems to lug-nuts-owner@saclug.org.
This archive was generated by hypermail 2b29 : Fri Feb 25 2000 - 14:29:11 PST