
The NAT box you design is implemented and will soon be used to provide IP addres


Question

The NAT box you design is implemented and will soon be used to provide IP address sharing for users of cable modems and DSL service. During the testing though, it becomes obvious that port mapping is not the only capability that is required for a NAT box. For example, some ICMP diagnostics do not work when the packets are sent through your box. Explain in detail what is happening, and what changes must be made to the various packet headers by your software so that the packets flow properly across the NAT box. Given what you have learned, describe any limitations you might expect with your implementation. Be specific.

Explanation / Answer

Solution)

Concerns about NAT Box-

Performance:
– Modifying the IP header by changing the IP address
requires that NAT boxes recalculate the IP header
checksum
– Modifying port number requires that NAT boxes recalculate
TCP checksum

Fragmentation:
– Care must be taken that a datagram that is fragmented
before it reaches the NAT device is not assigned a
different IP address or different port numbers for each of
the fragments.

End-to-end connectivity:
– NAT destroys universal end-to-end reachability of hosts on
the Internet.
– A host in the Internet often cannot initiate
communication to a host in a private network across a NAT box.
– The problem is worse, when two hosts that are in a private
network need to communicate with each other.

IP address in application data:
– Applications that carry IP addresses in the payload of the
application data generally do not work across a private-public
network boundary.
– Some NAT devices inspect the payload of widely used
application layer protocols and, if an IP address is detected
in the application-layer header or the application payload,
translate the address according to the address translation
table.

Configuring NAT-

First example:
iptables -t nat -A POSTROUTING -s 10.0.1.2 -j SNAT --to-source 128.143.71.21
• Pooling of IP addresses:
iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -j SNAT --to-source 128.128.71.0-128.143.71.30
• ISP migration:
# -R replaces an existing rule by number; rule 1 is assumed here
iptables -t nat -R POSTROUTING 1 -s 10.0.1.0/24 -j SNAT --to-source 128.195.4.0-128.195.4.254
• IP masquerading:
iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o eth1 -j MASQUERADE
• Load balancing:
iptables -t nat -A PREROUTING -i eth1 -j DNAT --to-destination 10.0.1.2-10.0.1.4

Thank you
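
Added example (not part of the original answer): the header rewrites a NAT box needs for an outbound ICMP echo request, which has no port to map. It assumes the common approach of mapping the ICMP identifier field in place of a port; the destination 128.143.71.1, the public identifier 40000 and all function names are constructed for illustration.

```python
import socket
import struct

def csum(data: bytes) -> int:
    """RFC 1071 Internet checksum: 16-bit one's complement of the one's complement sum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_echo(src, dst, ident, seq, payload=b"ping"):
    """Constructed IPv4 + ICMP echo request (type 8) with valid checksums."""
    icmp = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + payload
    icmp = icmp[:2] + struct.pack("!H", csum(icmp)) + icmp[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 1, 0, 64, 1, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip[:10] + struct.pack("!H", csum(ip)) + ip[12:] + icmp

def snat_echo(pkt, public_ip, table, public_id):
    """Outbound translation: rewrite source IP and ICMP identifier, then
    recompute both checksums. table maps public id -> (private ip, private id)
    so the echo reply can be translated back."""
    ihl = (pkt[0] & 0x0F) * 4
    ip, icmp = bytearray(pkt[:ihl]), bytearray(pkt[ihl:])
    table[public_id] = (socket.inet_ntoa(bytes(ip[12:16])),
                        struct.unpack("!H", icmp[4:6])[0])
    ip[12:16] = socket.inet_aton(public_ip)        # source address
    ip[10:12] = b"\x00\x00"                        # zero the field before summing
    ip[10:12] = struct.pack("!H", csum(bytes(ip)))
    icmp[4:6] = struct.pack("!H", public_id)       # identifier plays the role of a port
    icmp[2:4] = b"\x00\x00"                        # ICMP checksum has no pseudo-header
    icmp[2:4] = struct.pack("!H", csum(bytes(icmp)))
    return bytes(ip + icmp)

def valid(pkt):
    """A region whose checksum field is correct sums to zero."""
    ihl = (pkt[0] & 0x0F) * 4
    return csum(pkt[:ihl]) == 0 and csum(pkt[ihl:]) == 0

if __name__ == "__main__":
    table = {}
    out = build_echo("10.0.1.2", "128.143.71.1", 0x1234, 1)
    nat = snat_echo(out, "128.143.71.21", table, 40000)
    print(valid(out), valid(nat), table)
```

Rewriting only the source address without recomputing the IP header checksum leaves a packet that `valid()` rejects, which is the failure the Performance points describe.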
