Method for communication between intranet equipment and internet equipment and network address transformation equipment

Abstract

The invention discloses a method for communication between intranet equipment and internet equipment and NAT (Network Address Transformation) equipment. The method comprises the steps of: classifying an interface connected with first intranet equipment and a public network interface of the NAT equipment per se into a same VLAN (Virtual Local Area Network) by the NAT equipment, classifying an interface connected with second intranet equipment of the NAT equipment per se into the other VLAN by the NAT equipment, issuing a public network IP (Internet Protocol) address and a gateway address, distributed to the first intranet equipment, on a virtual interface enabled by the NAT equipment per se, and setting ARP (Address Resolution Protocol) information of the IP address to be a silent state; forwarding a received message sent by the first intranet equipment to the internet from a public network interface located in the same VLAN with an ingress interface of the message; forwarding a message, which is sent by the second intranet equipment to the internet and transformed by a network address port, from the public network interface; and forwarding a message sent by the internet equipment according to whether the message is matched with a NAT forwarding table. By applying the method and the NAT equipment, provided by the invention, one equipment in a local area network can interact with a public network rapidly by using the public network IP address, and other equipment in the local area network interact with the public network through NAT.

Description

technical field [0001] The invention relates to the field of network address translation (NAT) application technology, in particular to a method for communicating between an internal network device and an external network device and the NAT device. Background technique [0002] With the rapid development of Internet technology, Internet Protocol (IP) addresses are becoming more and more scarce. In order to solve this problem, NAT technology came into being. NAT essentially converts the IP address in the IP data packet header into another IP address, so that a small number of public network IP addresses can be used to represent more private network IP addresses, and the exhaustion of available IP address space can be slowed down. [0003] figure 1 It is a schematic diagram of the process of the existing NAT processing mode. like figure 1 As shown, in order to realize mutual access between the private network host (Host) and the file transfer protocol server (FTP server) in...

AI Technical Summary

Problems solved by technology

[0016] From the above analysis, it can be seen that the virtual server method or DMZ method used in the existing home networking essentially adopts NAT conversion, that is, it needs to convert one IP address to another IP address, and when using NAT mode, it needs The NAT device has the ALG function. For some private protocols, or protocols that do not yet support the ALG function, it is impossible to penetrate the NAT device, and it is impossible to realize the interaction between the device in the LAN and the server in the public network.

Furthermore, for a certain device in the local area network, it may be necessary to frequently interact with the server in the public network, and the existing processing method requires an address translation process, which delays the interaction process

Images