Outbound masquerade NAT processing

This process replaces the source port of an outbound message with a unique logical port number when the message is sent from the private LAN to the Internet.

The outbound message in the previous figure is a packet from the private LAN to the Internet. An outbound message (local to external) contains the source port used by the originating workstation. NAT saves this number and replaces it in the transport header with a unique logical port number. For outbound datagrams, the source port number is the local port number. The masquerade NAT outbound processing steps are:
  1. Outbound masquerade NAT processing assumes that all IP packets it receives are bound for external IP addresses, and therefore does not check to determine whether a packet should be routed locally.
  2. The set of logical port numbers is searched for a match on the transport layer as well as the source IP address and source port. If a match is found, the corresponding logical port number is substituted for the source port. If no match is found, a new mapping is created, and a new logical port number is selected and substituted for the source port.
  3. The source IP address is translated.
  4. The packet is then processed as usual by IP and is sent to the correct external system.
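
The four steps above, sketched as an added Python example (not code from the original page or from the product it describes). The class and field names, the port range and the addresses are constructed assumptions, and raising an error when the logical port pool is exhausted is a choice of this sketch, not behaviour stated on the page.

```python
from dataclasses import dataclass, replace
from typing import Dict, Tuple

Key = Tuple[str, str, int]  # (transport protocol, source IP, source port)

@dataclass(frozen=True)
class Packet:
    proto: str
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

class MasqueradeNat:
    """Hypothetical model of outbound masquerade NAT processing."""

    def __init__(self, public_ip: str, first_port: int, last_port: int):
        self.public_ip = public_ip
        # Single pool for all protocols, so every logical port is unique.
        self.free = list(range(last_port, first_port - 1, -1))  # pop() gives lowest
        self.table: Dict[Key, int] = {}  # the mapping to log for attribution

    def outbound(self, pkt: Packet) -> Packet:
        # Step 1: no local-routing check; every packet is treated as external-bound.
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        # Step 2: reuse the logical port of an existing match, else create one.
        logical = self.table.get(key)
        if logical is None:
            if not self.free:
                # Assumption: refuse rather than reuse a port that is still mapped.
                raise RuntimeError("logical port pool exhausted")
            logical = self.free.pop()
            self.table[key] = logical
        # Step 3: translate the source IP; the source port becomes the logical port.
        # Step 4: the returned packet is what IP would forward to the external system.
        return replace(pkt, src_ip=self.public_ip, src_port=logical)

if __name__ == "__main__":
    nat = MasqueradeNat("192.0.2.1", 50000, 50010)  # constructed sample values
    for host in ("10.0.0.5", "10.0.0.6", "10.0.0.5"):
        print(nat.outbound(Packet("tcp", host, 1025, "198.51.100.7", 80)))
    print(nat.table)
```

The `table` dictionary is the only record that ties a translated packet back to the originating workstation, so it is the state to capture when outbound traffic must be attributed to an internal host.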