Conference PaperPDF Available

An Extended Algorithm to Enhance the Performance of the Current NAPT

Conference Paper

An Extended Algorithm to Enhance the Performance of the Current NAPT

Abstract and Figures

In this paper, we present an enhanced version algorithm for Network Address Port Translation (NAPT) flavor of Traditional Network Address Translation (NAT). Current version algorithm of NAPT allows mapping of tuples of the type (Local Source IP addresses, Source TU port number) to tuples of the type (registered NAT router IP address, assigned TU port number). But our proposed enhanced algorithm utilizes not only Local Source IP address and Source Port number but also global Destination IP address (True IP) and Destination port number. This proposed algorithm slightly improves the efficiency of the current NAPT and reduces one of the constraints of the current NAPT.
Content may be subject to copyright.
AN EXTENDED ALGORITHM TO ENHANCE THE
PERFORMANCE OF THE CURRENT NAPT
Md. Sadek Ferdous, Farida Chowdhury
and Jhuton Chandra Acharjee
Dept. of Information & Communication Technology, Metropolitan University, Sylhet, Bangladesh
Dept. of Computer Science & Engineering, ShahJalal University of Science & Technology, Sylhet,
Bangladesh.
E-mail: sferdous@metrouni.edu.bd, farida-cse@sust.edu, jhuton76@yahoo.com
ABSTRACT
In this paper, we present an enhanced version
algorithm for Network Address Port Translation
(NAPT) flavor of Traditional Network Address
Translation (NAT). Current version algorithm of
NAPT allows mapping of tuples of the type (Local
Source IP addresses, Source TU port number) to
tuples of the type (registered NAT router IP address,
assigned TU port number). But our proposed
enhanced algorithm utilizes not only Local Source
IP address and Source Port number but also global
Destination IP address (True IP) and Destination
port number. This proposed algorithm slightly
improves the efficiency of the current NAPT and
reduces one of the constraints of the current NAPT.
1 INTRODUCTION
32-bit IP addresses are being alleviated very quickly
[1, 2]. But day by day more and more computers are
trying to be connected to the Internet. It has been
impossible to provide all of them with a unique 32-
bit IP address. The long-term solution to this
problem is to migrate the whole Internet to IPv6,
which has 128-bit address, from the traditional IPv4
with 32-bit address. But this transition is occurring
very slowly and it might need years to accomplish
the whole migration process [2]. As a quick mid-
term solution NAT came into the picture and since
then it has been widely used in many different
situations [3, 4]. In course of time, NAT has been
evolved into different formats. NAPT is one of them
[5].
This paper is organized as follows: Section 2 shortly
discusses NAPT operation and the problem scope of
NAPT. Section 3 elaborates our proposed algorithm
to counteract the problems of NAPT and to improve
its performance. Section 4 illustrates the proposed
algorithm with some examples. In Section 5, we
analyze theoretically the performance of our
algorithm. We conclude in section 6.
2 NAT OVERVIEW
Traditional NAT has two variations- Basic NAT and
Network Address Port Translation (NAPT) [6].
Translation in Basic NAT is limited to IP addresses
alone, whereas translation in NAPT is extended to
include IP address and Transport identifier (such as
TCP/UDP port or ICMP query ID) [6]. NAPT router
maintains a table for such translation. Simplified
version for this table is given in Table 1 [1, 7]:
Table 1: Current NAPT table
The above table illustrates the situation when the
two hosts inside a private network with IP address
192.168.0.5 and 192.168.0.7 try to access a HTTP
server on the Internet through a NAT router. The
NAT router rebuilds each packet replacing the local
IP address and local source port with its external IP
(true IP) and a unique temporary source port
respectively. So that when those packets come back
from the HTTP server to the NAT router, it can
correctly send those packets to their original source
using that temporary source port from the above
table. For this, NAT router maintains a pool of
available port that has not been assigned to any other
packet. Detailed translation process can be found on
RFC-2663[6], RFC-2766[8] and RFC-3022[9].
2.1 Problem Scope of NAPT
NAPT has been suffering from one serious
restriction. For most TCP/IP hosts, TU port range 0-
1023 is kept reserved by the OS for its own usage.
Local
Address
Local
Source
Port
External
Address
Temporary
Source
Port
Transport
Protocol
192.168.0.5 80 25.8.3.2 1400 TCP
192.168.0.7 80 25.8.3.2 1401 TCP
….. ….. ….. ….. …..
Published in the proceedings of the International Conference on Information and
Communication Technology, 2007. (ICICT'07).
Clients trying to initiate a connection typically select
a source TU port in the range of 1024-65535.
However, this convention is not universal and not
always followed. Some client stations initiate
connections using a source TU port number in the
range of 0-1023, and there are servers listening on
TU port numbers in the range of 1024-65535 [6].
The fact is whether a NAT router follows the above
mentioned rules or not; it can have maximum 65536
simultaneous connections at a time considering it
utilizes all the TU ports [10].
3 PROPOSED SOLUTION
Our proposed algorithm can slightly improve the
efficiency of the NAPT time to time so that more
than 65536 simultaneous connections can be served
at a time whereas the current NAPT can’t serve
more than 65536 connections in any circumstances.
We are proposing to slightly change the translation
table by including not only the Local IP address and
Source port number but also the Destination IP
address and Destination port number in the
translation process. The translation table will look
something like the Table 2:
Table 2: Proposed Translation Table
Local
IP
Addr.
Local
Source
Port
Dest. IP
Addr.
Dest.
Port
External
Address
Temp
Source
Port
In Table 2 Addr. means Address, Dest. Means
Destination and Temp. means Temporary. Not all
the columns have been shown in the table 2. Only
those that are needed to build the translation table
has been shown.
In the current version of the NAPT, the local Source
Port number and the Local address are always
replaced with a NAT router assigned port number
and a unique Global IP address irrespective of
whatever the translation scenario is. But in our
proposed solution local Source Port number will not
be changed until some conditions met. To build the
translation table we’re proposing the following
algorithm:
Algorithm ExtendedNAPT
1.
When a packet arrives from the inside
connection, extract the destination IP address
from the packet and scan through the
translation table for any of its entry.
2. If a match is found then go to line 6.
3. Else there is no match
4. Call Procedure BuildTranslationTableOne
(Source IP address). Go to line 17.
5. End If ( end of if in the line 2)
6. Extract the destination port number from the
packet and compare that number with the
destination port number of the entry in the
translation table that has the same destination
IP address as the current incoming packet.
7. If a match is found then go to line 11.
8. Else their destination port numbers are
different
9.
Call Procedure
BuildTranslationTableOne
(Source IP address)
. Go to line 17.
10.
End If ( end of if in the line 8)
11.
Extract the source port number from the
packet and compare the source port number
of the packet with the source port number of
the entry in the translation table that has the
same destination IP address and the
destination port number as the current
incoming packet.
12.
If their source port numbers are same then go
to line 16.
13.
Else their source port numbers are different
14.
Call Procedure
BuildTranslationTableOne
(Source IP address)
. Go to line 17.
15.
End If (end of if in the line 12)
16.
As a match is found for the destination IP
address, destination port number and the
source port number of the incoming packet in
the translation table, then the rules of the
traditional NAPT has to be applied. For this,
Call Procedure
BuildTranslationTableTwo
(Source IP address, Source Port Number)
17.
Exit.
Procedure BuildTranslationTableOne (Source IP
address)
1.
Make an entry in the translation table by only
replacing source IP address of the packet with
the external IP address of the NAT server
keeping all the corresponding information of
the packet unchanged.
2 Return.
Procedure BuildTranslationTableTwo (Source IP
address, Source Port Number)
1.
Make an entry in the translation table by
replacing the source address field of that packet
with the external IP address of the NAT server
and the source port number of the packet with
the NAT server assigned source port number.
2 Return.
4 ALGORITHM ILLUSTRATION
The usage of the algorithm is being illustrated below
with proper figures and tables:
At first let’s assume that we’ve an intranet with
network address 192.168.0. We’ll analyze our
proposed solution with two local hosts A and B in
the intranet with local address 192.168.0.10 and
192.168.0.17 respectively and they are trying to
connect to two servers S1 and S2 with address
18.17.16.121 and 165.72.1.33 respectively. Nat
router has a global address of 13.14.15.23. Now we
can have the following scenarios:
Scenario 1: Both of the hosts A and B are trying to
connect to S1 and S2 respectively at a time:
Fig. 1 illustrates the scenario 1. Session A-S1 has
been established between Host A and Server S1 and
Session B-S2 has been established between Host B
and Server S2. IP address and port number has been
differentiated by colon (:) where left side of the
colon refers to IP address and right side of the colon
refers to port number. It can be called as tuple of IP
and port number. As for example, 192.168.0.10:
7002 means IP address is 192.168.0.10 and port
number is 7002. Two way arrows have been used to
indicate it is a two way connection. When seen from
bottom to top, every lower tuple indicates the source
address and upper tuple indicates the destination
address. When seen from top to bottom, every upper
tuple indicates the source address and lower tuple
indicates the destination address.
Fig. 1: Scenario 1 Illustration
In this scenario, packets coming from both hosts A
and B to the NAT router have the same source and
destination port numbers, but as their destination IP
addresses are different, no port translation is
required according to our proposed algorithm in the
translation process inside the NAT router. The
translation table may look like the following:
Table 3: Scenario 1 Translation Table
Local
IP
Addr.
Local
Source
Port
Dest. IP
Addr.
Dest.
Port
External
Address
Temp
Source
Port
192.168.
0.10
7002 18.17.16
.121
3456 13.14.15.23 7002
192.168.
0.23
7002 165.72.1
.33
3456 13.14.15.23 7002
Scenario 2: Both Host A and Host B are trying to
connect to S1 at a time but to two different
processes:
Fig. 2 illustrates scenario 2 in which incoming
packets from both hosts A and B to the NAT router
may or may not have same source port number and
they are destined for the same server S1. But as their
Fig. 2: Scenario 2 Illustration
destination port numbers are different, no port
translation is required according to our proposed
algorithm in the translation process inside the NAT
router according to our proposed algorithm. The
translation table may look like the following:
Table 4: Scenario 2 Translation Table
Local
IP
Addr.
Local
Source
Port
Dest. IP
Addr.
Dest.
Port
External
Address
Temp
Source
Port
192.168.
0.10
7002 18.17.16
.121
3456 13.14.15.23 7002
192.168.
0.23
7002 18.17.16
.121
6789 13.14.15.23 7002
Scenario 3: Processes with different port numbers
of Host A and Host B are trying to connect to S1 at a
time to a same process of S1:
Fig. 3: Scenario 3 Illustration
Fig. 3 illustrates scenario 3 in which packets coming
from both hosts A and B to the NAT router have
different source port numbers and they are destined
for the same process in the same server S1. But as
their source port numbers are different, no port
translation is required according to our proposed
algorithm in the translation process inside the NAT
router according to our proposed algorithm. The
translation table may look like Table 5:
Table 5: Scenario 3 Translation Table
Local
IP
Addr.
Local
Source
Port
Dest. IP
Addr.
Dest.
Port
External
Address
Temp
Source
Port
192.168.
0.10
1400 18.17.16
.121
3456 13.14.15.23 1400
192.168.
0.23
2100 18.17.16
.121
3456 13.14.15.23 2100
Scenario 4: Processes with same port numbers of
Host A and Host B are trying to connect to S1 at a
time to a same process of S1:
Fig. 4 illustrated scenario 4 in which packet coming
from both hosts A and B to the NAT router have the
same source port number and they are destined to
the same process of the same server S1. In this
situation our algorithm will follow the rule of the
current NAPT in which source port numbers of
Fig. 4: Scenario 4 Illustration
the incoming packets from the local network are
changed with a unique port number that is selected
from a pool of available port number. The
translation table may look like the following:
Table 6: Scenario 4 Translation Table
Local
IP
Addr.
Local
Source
Port
Dest. IP
Addr.
Dest.
Port
External
Address
Temp
Source
Port
192.168.
0.10
1400 18.17.16
.121
3456 13.14.15.23 12345
192.168.
0.23
1400 18.17.16
.121
3456 13.14.15.23 12346
As you can observe that translation table built upon
our proposed algorithm will always ensure that there
will be a unique combination of source IP address,
source port number, external address (the true IP),
destination IP address and destination port number
in each of the rows and no duplication exists among
each of the entire row entries.
5 PERFORMANCE ANALYSIS
In the average case scenario it is least likely to
happen that all the incoming packets towards the
NAT router from the intranet have the same
destination IP address, source port number and
destination port number. Our proposed algorithm
will provide a better solution than the current NAPT
in every case where the destination IP/port number
or both as well as source port number are different.
If two among the 65,536 concurrent packets don’t
have the same destination IP address, source port
number or destination port number, the NAT router
based on our algorithm can serve more than 65,536
packets concurrently which the current NAPT can’t
serve in any situation. If the number of packets with
the different destination IP address, source port
number or destination port number increases, the
ability to serve more than 65536 packets at a time
also increases. In the worst case scenario if all the
65536 incoming packets have the same destination
IP address, source port number and destination port
number then our proposed algorithm will work like
the traditional NAPT. Our proposed algorithm has a
drawback. It takes more computation time than the
traditional NAPT in building the translation table as
because it deals with more columns than the
traditional NAPT.
REFERENCES
[1] Behrouz A. Forouzan, Data Communications and
Networking, TATA McGRAW-HILL, 2004
[2] Network Address Translation FAQ, 2006
[online]http://www.vicomsoft.com/knowledge/
reference/nat.html
[3] Geoff Huston, Anatomy: A Look Inside Network
Address Translators”, Online Version of CISCO
Internet Protocol Journal - Volume 7, Number 3,
September 2004
[online]http://www.cisco.com/web/about/ac123/ac
147/archived_issues/ipj_7-3/anatomy.html
[4] Michael Hasenstein, IP NETWORK ADDRESS
TRANSLATION, 1997
[online]http://www.suse.de/~mha/HyperNews/get/
linuxip-nat.html
[5] Lisa Phifer, “The Trouble with NAT”, Online
Version of Cisco Internet Protocol Journal,
volume3, Number 4, December 2000
[online]http://www.cisco.com/web/about/ac123/ac
147/ac174/ac182/about_cisco_ipj_archive_article0
9186a00800c83ec.html
[6]
Srisuresh, P. and Holdrege, M., "IP Network
Address Translator (NAT) Terminology and
Considerations," RFC 2663, August 1999
[7] W. Richard Stevens, TCP/IP ILLUSTRATED,
VOLUME 1, Addison Wesley Longman, Inc. 1994
[8]
Tsirtsis, G. and Srisuresh, P., "Network Address
Translation-Protocol Translation (NAT-PT)",
RFC 2766, February 2000
[9]
Srisuresh, P. and Egevang, K., “Traditional IP
Network Address Translator (Traditional NAT)”,
RFC 3022, January 2001
[10]
Andrew S. Tanenbaum, Computer Networks,
Prentice-Hall, Inc. 2003
... If the clients use private IPv4 addresses the NAT (more precisely NAPT: Network Address and Port Translation) [7] gateway makes it possible for them to communicate with the rest of the IPv4 world. If the clients use IPv6 addresses, Copyright c 2015 The Institute of Electronics, Information and Communication Engineers Table 1 for connection tracking [9]. They always replace the source port number with a unique one for each source IP address + port number pair. ...
... This algorithm has the consequence that the clients with private IP addresses behind the NAPT device may only have altogether 63k number of sessions per public IP address used at the external network interface of the gateway. Paper [9] suggested a solution for this problem in 2007. Their solution is to include the destination IP address and destination port number in the translation table and replace the source port number only if it is necessary -which means keeping the old one would result in a 5-tuple for the IP packet after the translation that is identical with an existing one in the translation table. ...
Article
Full-text available
Due to the depletion of the public IPv4 address pool, Internet service providers will not be able to supply their new customers with public IPv4 addresses in the near future. Either they give private IPv4 addresses and use carrier grade NAT (CGN) or they move towards IPv6 and provide NAT64 service to the IPv6 only clients who want to reach IPv4 only servers. In both cases they must use a stateful NAT/NAT64 solution. When dimensioning a NAT/NAT64 gateway, the port number consumption of the clients is a key factor as the port numbers are 16 bits long and a unique one has to be provided for every session (when using traditional type NAPT, which does not include the destination IP address and port number in the tuple for the identification of TCP sessions) and a single web client may use several hundred sessions and an equal number of port numbers according to literature. In this paper, we present a method for the estimation of the port number consumption of web browsing. The method is based on the port number consumption measurements of the most popular web sites and their combination using the number of the visitors of the web sites as weight factors. We propose the resulting curve as an approximation of a general profile of the average port number consumption of web browsers after the first click, but without taking into consideration the effect of the web users' browsing behavior. We also discuss the case of the extended NAPT, which can reuse the source port numbers towards different destination IP addresses and/or destination port numbers. We propose a formula and give measurement results for the extended NAPT gateways, too. We disclose the measurement method in detail and provide the measurement scripts in Linux, too.
... DoS attack might come in a way that affect the NAT64 Gateway (PLAT), such as Exhaustion of source port and public IPv4 address pool, which is an issue since the gateway uses 63K 1 number of source ports per public IPv4 address. An enhanced algorithm presented by [11] helps in tackling this issue in details. ...
Conference Paper
Full-text available
This paper focuses on one of the most prominent IPv6 transition technologies named 464XLAT. The aim is to analyze the security threats that this technology might face. We carry out the threat analysis by applying the STRIDE method, which stands for Spoofing, Tampering, Repudiation, Information Disclosure and Elevation of Privilege. STRIDE uses the DFD (Data Flow Diagram) as a basis for its analysis. We have analyzed the structure of 464XLAT then applied the STRIDE method on it and came up with interesting results regarding its security vulnerabilities and we have narrowed down the most common attacks that might have an effect on its deployment.
... Address Translation (NAT) [9]. However, they are for managing the specific part of the Internet systems, and have no purpose of solving our target problems. ...
Article
Full-text available
In the current Internet-based systems, there are many problems using anonymity of the network communication such as personal information leak and crimes using the Internet systems. This is because the TCP/IP protocol used in Internet systems does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a solution for solving the above problem, there is the approach of Policy-based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control of every user. In this PBNM, two types of schemes exist. The first is the scheme for managing the whole LAN by locating the communication control mechanisms on the course between network servers and clients. The second is the scheme of managing the whole LAN by locating the communication control mechanisms on clients. As the second scheme, we have been studied theoretically about the Destination Addressing Control System (DACS) Scheme. By applying this DACS Scheme to Internet system management, we realize the policy-based Internet system management. In this paper, we show the DACS system theoretically.
... (1)Domain name system (DNS) [3] (2)Routing protocol (3) Fire wall (F/W) [7] (4) Network address translation (NAT) [8] / Network address port translation (NAPT) [9] (5) Load balancing [10] [11] (6) Virtual private network (VPN) [12][13] (7) Public key infrastructure (PKI) [14] (8) Server virtualization [15] Except these studies, various studies are performed elsewhere. However, they are for managing the specific part of the Internet system, and have no purpose of solving the above problems. ...
Article
Full-text available
In the current Internet-based systems, there are many problems using anonymity of the network communication such as personal information leak and crimes using the Internet systems. This is because the TCP/IP protocol used in Internet systems does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a solution for solving the above problem, there is the approach of Policy-based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control of every user. In this PBNM, two types of schemes exist. The first is the scheme for managing the whole LAN by locating the communication control mechanisms on the course between network servers and clients. The second is the scheme of managing the whole LAN by locating the communication control mechanisms on clients. As the second scheme, we have been studied theoretically about the Destination Addressing Control System (DACS) Scheme. By applying this DACS Scheme to Internet system management, we intend to realize the policy-based Internet system management finally. In the DACS Scheme, the inspection is not done about compatibility to cloud environment with virtualization technology that spreads explosively. As the result, the coverage of the DACS Scheme is limited only in physical environment now. In this study, we inspect compatibility of the DACS Scheme for the cloud environment with virtualization technology, and enlarge coverage of this scheme. With it, the Virtual DACS Scheme (vDACS Scheme) is established.
Article
Full-text available
This paper focuses on one of the most prominent IPv6 transition technologies named 464XLAT. The aim is to analyze the security threats that this technology might face. After carrying out the threat analysis using STRIDE method that stands for Spoofing, Tampering, Repudiation, Information Disclosure and Elevation of Privilege, and using DFD (Data-Flow Diagram) as a core for the analysis, we summarized the security vulnerabilities and attack points possibilities within this infrastructure. We have also built a testbed for 464XLAT topology using several virtual machines, which were created using Debian image. We used our testbed to perform DoS (Denial of Service) attack against the PLAT (provider-side translator) and monitor PLAT’s performance and the number of packets being translated under attack by different number of clients using the hping3 command.
Article
Full-text available
In the current Internet system, there are many problems using anonymity of the network communication such as personal information leak and crimes using the Internet system. This is why TCP/IP protocol used in Internet system does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a study for solving the above problem, there is the study of Policy Based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control every user. In this PBNM, two types of schemes exist. The first is the scheme for managing the whole LAN by locating the communication control mechanisms on the course between network servers and clients. The second is the scheme of managing the whole LAN by locating the communication control mechanisms on clients. As the second scheme, we have been studied theoretically about the Destination Addressing Control System (DACS) Scheme. By applying this DACS Scheme to Internet system management, we will realize the policy-based Internet system management. As the first step, the DASC System is extended to move on the Wide Area Network (WAN) in this paper. We call the extended DACS system the Wide Area DACS system (wDACS system).
Conference Paper
In the current Internet-based systems, there are many problems using anonymity of the network communication such as personal information leak and crimes using the Internet systems. This is because the TCP/IP protocol used in Internet systems does not have the user identification information on the communication data, and it is difficult to supervise the user performing the above acts immediately. As a solution for solving the above problem, there is the approach of Policy-based Network Management (PBNM). This is the scheme for managing a whole Local Area Network (LAN) through communication control of every user. In this PBNM, two types of schemes exist. The first is the scheme for managing the whole LAN by locating the communication control mechanisms on the course between network servers and clients. The second is the scheme of managing the whole LAN by locating the communication control mechanisms on clients. As the second scheme, we have been studied theoretically about the Destination Addressing Control System (DACS) Scheme. By applying this DACS Scheme to Internet system management, we intend to realize the policy-based Internet system management finally. In the DACS Scheme, inspection is not done about compatibility to cloud environment with virtualization technology that spreads explosively. As the result, the coverage of the DACS Scheme is limited only in physical environment now. In this study, we inspect compatibility of the DACS Scheme for the cloud environment with virtualization technology, and enlarge coverage of this scheme. With it, the Virtual DACS Scheme (vDACS Scheme) is established.
Article
Full-text available
Information Technology (IT) field before cloud computing is not the same after. It has recently accelerated as new criteria for presenting and delivering services over the Internet. Cloud Computing is reacting positively as a concept that may greatly improve the smart devices (Smartphone, Tablet and Fablet) reliability. This paper mainly concentrates to enhance the smart devices dependability through and applications (app) during offloading of services among cloud and device to save energy, many challenges had faced that idea ex: unstable network, unstable Internet services, Synchronization and the limitations of open source smart devices operating system (OS). In order to cure the earlier challenges, An Android OS used with a new layer to offload the non-critical app's jobs. That should occur in One's of two clouds developed specially to do that, the first cloud is a private, connected with smart device through the same data network on-line and the second cloud is a public, related to the previous cloud and the smart device off-line when Internet exists. Using this system, Smart device users may choose to run their mobile application jobs either locally or offloading it to the cloud, this shall save energy spent from the smart device battery when using Third generation of mobile network (3G) or WI-FI. This system has achieved in the provision of high-energy reached 98.67% and will be seen in the context of this research paper.
Article
Network Address Translation is a method by which IP addresses are mapped from one realm to another, in an attempt to provide transparent routing to hosts. Traditionally, NAT devices are used to connect an isolated address realm with private unregistered addresses to an external realm with globally unique registered addresses. This document attempts to describe the operation of NAT devices and the associated considerations in general, and to define the terminology used to identify various flavors of NAT.
Article
Basic Network Address Translation or Basic NAT is a method by which IP addresses are mapped from one group to another, transparent to end users. Network Address Port Translation, or NAPT is a method by which many network addresses and their TCP/UDP (Transmission Control Protocol/User Datagram Protocol) ports are translated into a single network address and its TCP/UDP ports. Together, these two operations, referred to as traditional NAT, provide a mechanism to connect a realm with private addresses to an external realm with globally unique registered addresses.
  • A Behrouz
  • Data Forouzan
  • Communications
  • Networking
  • Mcgraw-Hill
[1] Behrouz A. Forouzan, Data Communications and Networking, TATA McGRAW-HILL, 2004 [2] Network Address Translation FAQ, 2006 [online]http://www.vicomsoft.com/knowledge/ reference/nat.html [3]
  • A Behrouz
  • Forouzan
Behrouz A. Forouzan, Data Communications and Networking, TATA McGRAW-HILL, 2004