82: Lying to All Sides

Project IDGAF is complete, so I’m back on the new Networking for System Administrators.

Network address translation, or NAT, uses a device that accepts packets bound for the public Internet, rewrites them so they appear to come from the NAT device’s public address, and forwards them to their destination. When the remote site answers, the NAT device rewrites the response so that it goes to the original client. The NAT device maintains a table of connections, and tracks the state of each connection so that it can properly open and close connections as needed. Most home routers are NAT devices. While NAT seems easy, it involves lying to all sides of a network connection, and not all protocols can handle those lies. Common examples are FTP, VoIP, and certain sorts of VPN, which all require special handling to traverse NAT. The network administrator can apply filters to NAT devices to block some, but not all, unwanted traffic. NAT is not a security mechanism—the minimal protection NAT offers was broken decades ago. IPv6 specifically excludes NAT.
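The connection table and the FTP problem described above, as an added sketch that is not from the original post or the book: a toy NAT in Python, with every address, port and class name constructed for illustration. It rewrites headers only, so the private address an FTP client announces in its PORT command passes through unchanged, and the server's data connection finds no entry in the table.

```python
from dataclasses import dataclass, replace

PUBLIC_IP = "203.0.113.1"  # constructed public address (documentation range)

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    payload: bytes = b""

class Nat:
    def __init__(self, public_ip=PUBLIC_IP, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}   # (client ip, client port, remote ip, remote port) -> public port
        self.back = {}  # (public port, remote ip, remote port) -> (client ip, client port)

    def outbound(self, p):
        """Rewrite a client packet so it appears to come from the NAT device."""
        key = (p.src, p.sport, p.dst, p.dport)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, p.dst, p.dport)] = (p.src, p.sport)
            self.next_port += 1
        # Only the header changes; the payload is forwarded untouched.
        return replace(p, src=self.public_ip, sport=self.out[key])

    def inbound(self, p):
        """Rewrite a reply back to the original client, or drop it (None)."""
        client = self.back.get((p.dport, p.src, p.sport))
        if client is None or p.dst != self.public_ip:
            return None  # no matching connection in the table
        return replace(p, dst=client[0], dport=client[1])

def demo():
    nat = Nat()
    # Active-mode FTP: the client announces 192.168.1.10, port 4*256+1 = 1025.
    port_cmd = b"PORT 192,168,1,10,4,1\r\n"
    sent = nat.outbound(Packet("192.168.1.10", 51000, "198.51.100.7", 21, port_cmd))
    reply = nat.inbound(Packet("198.51.100.7", 21, PUBLIC_IP, sent.sport, b"200 OK\r\n"))
    # Even if the server aimed its data connection at the public address, nothing matches.
    data = nat.inbound(Packet("198.51.100.7", 20, PUBLIC_IP, 1025))
    return sent, reply, data

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The "special handling" FTP needs is a helper on the NAT device that parses the control channel, rewrites the announced address, and adds a table entry for the data connection.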

I hung up some cloth to muffle the roomy sound. We’ll see if that helps. Also, N4SA2e is still available for sponsorship.
