natd Network Address Translation (IP masquera…

Please note: if you are running PPP, then you don't want natd.  PPP has aliasing built in.  Unfortunately, I've never used PPP, so I suggest you follow the
Pedantic PPP Primer
of the
FreeBSD Handbook
or perhaps just see the man pages for information on -alias.
That isn't to say that PPP won't work with natd. See
Dialup firewalling with FreeBSD
.
What is natd?
natd is the Network Address Translation daemon.  There are more
formal definitions
, but hopefully, the rest of this page should be enough for most people.
What is it used for?
My prime use of FreeBSD was to act as a gateway for my home subnet.  In such situations, your ISP gives you a single IP address.  It may be fixed, or it may be dynamic.  In either case, if you have multiple machines talking to the Internet through the gateway, the outside world sees it as a single IP address.  This may seem strange.  How can multiple machines use the same IP address?  The answer is quite simple: Ports.
How does it work?
Basically, what happens is that your internal network address is translated to your IP [as assigned to you by your ISP] plus a port number.  Here's what one such translation might look like (all numbers have been made up at random):
Out [TCP] 192.168.0.1:2139 => 111.222.333.444:2139 aliased to
          1.2.3.444:2139   => 111.222.333.444:2139
On the first line, we have a packet arriving from 192.168.0.1 and headed for 111.222.333.444.  The first number is an internal address which the outside world doesn't know about and doesn't want to know about.  This is an address which is part of a range reserved for private networks only.  Nobody on the Internet has that IP address.  We must translate that address to something which the outside world with recognize and can relate to.  The result of this translation is on the second line.   The IP assigned to us by our ISP is 1.2.3.444 so you can see how we have substituted our external address for our internal address.  Whenever something arrives which is addressed to 1.2.3.444:2139, we will know to send it to 192.168.0.1:2139.  It's that simple.
This process is also known as masquerading or aliasing.
How do I install it?
If you wish to know how I set up my natd, read the
FreeBSD natd manual
.  It contains a section on running natd near the bottom of the page.
You should also read about
an natd problem
I had and how I solved it.  It contains further information about natd.


本文来自ChinaUnix博客，如果查看原文请点：

标签：

版权申明：本站文章部分自网络，如有侵权，请联系：west999com@outlook.com
特别注意：本站所有转载文章言论不代表本站观点，本站所提供的摄影照片，插画，设计作品，如需使用，请与原作者联系，版权归原作者所有