[ale] nat vs masq
Dave Brooks
db at disctech.net
Sat Apr 10 02:09:15 EDT 1999
NAT == Masquerading.
In fact, Masquerading should be called NAT, and I have no clue why it's
not.
It's simply hiding an entire network behind one real, rouateable IP
address.
The fact that the NetGear router can only open 8 ports has nothing to do
with the Network Address Translation.
Linux setup with IPMasq (NAT) is basically forwarding packets between
interfaces. It looks at the ip firewalling rules set by ipfwadm
(/etc/services, too) for it's firewalling ruleset regarding what ports
to let traffic in on. The router's NAT is done with the firmware (I'm
assuming). Port forwarding is basically saying that if traffic comes
into IP address X on port X, then forward the traffic to IP address Y
and port Y. As far as why you can only open 8 ports, I don't know, you
might want to contact NetGear (Bay Networks?) to see if there's any
other way to do it.
-Dave Brooks
db at disctech.net
David Hamm wrote:
>
> I'm trying to set up a friend with a Netgeer ISDN router for online stock
> trading. The Netgeer does NAT which I thought was the same as Masqurading.
> Here is my problem. One of the online trading services requires a wide range of
> ports to be opened on the "firewall" and the Netgeer can only open 8 ports,
> This looks like port fowarding to me but anyway using our linux masq
> firewall we don't have to do anything special to connect to the online trading
> service and it works fine. Is NAT different than Masqurading? Why would the
> Linux Masq firewall allow proper communication when the NetGeer won't?
>
> -- ---------------------------------
> David Hamm
> Systems Analyst
> Imaging Technologies Services Inc.
> email: dhamm at itserve.com
> voice: 404-885-5905
> ---------------------------------
--
david a. brooks
trusted net, inc.
http://www.trusted.net
voice: .. (770) 425-5700 x.280
pager: .. (770) 379-2333
:wq
More information about the Ale
mailing list