59 lines
3.7 KiB
HTML
59 lines
3.7 KiB
HTML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<!DOCTYPE html
|
|
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html lang="en-us" xml:lang="en-us">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
|
|
<meta name="security" content="public" />
|
|
<meta name="Robots" content="index,follow" />
|
|
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
|
|
<meta name="DC.Type" content="task" />
|
|
<meta name="DC.Title" content="Outbound masquerade NAT processing" />
|
|
<meta name="abstract" content="This process replaces the source port of an outbound message with a unique logical port number when the message is sent from the private LAN to the Internet." />
|
|
<meta name="description" content="This process replaces the source port of an outbound message with a unique logical port number when the message is sent from the private LAN to the Internet." />
|
|
<meta name="DC.Relation" scheme="URI" content="rzajwaddmasq.htm" />
|
|
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
|
|
<meta name="DC.Format" content="XHTML" />
|
|
<meta name="DC.Identifier" content="outboundmasqueradenatproc" />
|
|
<meta name="DC.Language" content="en-us" />
|
|
<!-- All rights reserved. Licensed Materials Property of IBM -->
|
|
<!-- US Government Users Restricted Rights -->
|
|
<!-- Use, duplication or disclosure restricted by -->
|
|
<!-- GSA ADP Schedule Contract with IBM Corp. -->
|
|
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
|
|
<link rel="stylesheet" type="text/css" href="./ic.css" />
|
|
<title>Outbound masquerade NAT processing</title>
|
|
</head>
|
|
<body id="outboundmasqueradenatproc"><a name="outboundmasqueradenatproc"><!-- --></a>
|
|
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
|
|
<h1 class="topictitle1">Outbound masquerade NAT processing</h1>
|
|
<div><p>This process replaces the source port of an outbound message with
|
|
a unique logical port number when the message is sent from the private LAN
|
|
to the Internet.</p>
|
|
<div class="section">The outbound message in the previous figure is a packet from the
|
|
private LAN to the Internet. An outbound message (local to external) contains
|
|
the source port used by the originating workstation. NAT saves this number
|
|
and replaces it in the transport header with a unique logical port number.
|
|
For outbound datagrams, the source port number is the local port number. The
|
|
masquerade NAT outbound processing steps are:</div>
|
|
<ol><li><span>Outbound masquerade NAT processing assumes that all IP packets
|
|
it receives are bound for external IP addresses, and therefore does not check
|
|
to determine whether a packet should be routed locally.</span></li>
|
|
<li><span>The set of logical port numbers searches for a match on the transport
|
|
layer as well as a source IP address and source port. If found, the corresponding
|
|
logical port number is substituted for the source port. If no matching port
|
|
number is found, a new one is created, and a new logical port number is selected
|
|
and substituted for the source port.</span></li>
|
|
<li><span>The source IP address is translated.</span></li>
|
|
<li><span>The packet is then processed as usual by IP and is sent to the
|
|
correct external system.</span></li>
|
|
</ol>
|
|
</div>
|
|
<div>
|
|
<div class="familylinks">
|
|
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajwaddmasq.htm" title="This topic describes how masquerade NAT works in a network.">Masquerade NAT</a></div>
|
|
</div>
|
|
</div>
|
|
</body>
|
|
</html> |