NAT Routers Part 2 (Continued)

Episode 10 Segment 10
   
Eventually the remote web server responds with new data for the browser. When that data arrives at the NAT router, it is of course encapsulated inside an ethernet frame from the cable or DSL "modem". The ethernet frame is discarded to reveal the IP packet, which is addressed to the router's public address. The router notes the packet's source IP address (it will need it again when it builds the new packet), discards the IP packet, and examines the TCP data inside. The router can see that the TCP data is directed toward its process number 3000 (in other words, destination port 3000). The router knows to send that data to process 2020 on the PC with local IP address 2, so it updates the TCP header accordingly, wraps it inside a new IP packet addressed to 192.168.0.2, wraps that into a new ethernet frame for that PC's ethernet hardware, and sends it into the internal network. That PC picks it up, strips off and interprets the frame, packet and TCP information in turn, and the web server's data is displayed by the browser.

The same mechanism is used when browser process 2021 (in the other PC, with local IP address 3) requests data from some other web server. By monitoring the outgoing requests, the NAT router learns of every communicating client process in every computer behind it, launching proxy processes of its own to handle the corresponding incoming responses.

When handling these two browser processes in two separate PCs as shown here, the router's process handling is almost exactly the same as when managing two browser processes inside a single PC, as shown in our NAT router firewall movie. It really doesn't matter how many PCs you use to host your processes. The original IP address issued by your ISP anticipated as many as 65,535 simultaneous TCP processes and another 65,535 simultaneous UDP processes, one per port number. (Of course, those numbers represent the theoretical maximum. An inexpensive NAT router will run out of memory when asked to manage more than a few hundred communicating processes, but that should be enough to support all of the PCs likely to be needed by a household or home business. A more expensive, business-oriented router can handle tens of thousands of processes in this manner.)

Once the NAT router learns of a communicating client process in any of your PCs, it remains prepared to handle the associated network traffic, relaying it and rewriting the TCP or UDP port numbers and IP addresses as necessary so that the ISP thinks everything is coming from a single PC addressed by the original, single Internet address. The router remains prepared to handle each communicating process for an appropriate period of time: until the communicating processes negotiate an orderly disconnection, or until a reasonable period of inactivity indicates the end of the associated traffic flow. (Since UDP has no connection teardown to observe, a UDP mapping can only be retired by that inactivity timer.)
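The translation table described in the last three paragraphs, as an added example that is not part of the original segment or of any real router's code. The "process numbers" in the text are TCP/UDP port numbers; the addresses (203.0.113.5 as the ISP-issued address, 192.168.0.2 and .3 on the LAN, 198.51.100.10 as a web server), the starting public port of 3000, the table limit and the idle timeout are all assumptions chosen to match the walk-through. It shows the outbound learning step, the inbound lookup and rewrite, the drop of unsolicited or wrong-peer packets, and the two ways a mapping is retired.

```python
"""Toy NAT translation table (constructed example, not the page's own code)."""
from dataclasses import dataclass, replace
from typing import Dict, Optional, Tuple


@dataclass(frozen=True)
class Packet:
    """The fields a NAT router looks at once the ethernet frame is stripped."""
    proto: str          # "tcp" or "udp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    fin: bool = False   # TCP FIN set: the endpoints are negotiating an orderly close


@dataclass
class Entry:
    proto: str
    inner_ip: str       # the PC on the LAN, e.g. 192.168.0.2
    inner_port: int     # that PC's own "process number" (port), e.g. 2020
    remote_ip: str      # the web server the PC is talking to
    remote_port: int
    last_seen: float    # time of the last packet in either direction


InnerKey = Tuple[str, str, int, str, int]   # (proto, inner_ip, inner_port, remote_ip, remote_port)


class NatRouter:
    def __init__(self, public_ip: str, first_port: int = 3000,
                 max_entries: int = 256, idle_timeout: float = 300.0):
        self.public_ip = public_ip            # the single address issued by the ISP
        self.first_port = first_port          # assumed: proxy ports start at 3000
        self.max_entries = max_entries        # a cheap router holds only a few hundred
        self.idle_timeout = idle_timeout      # seconds of silence before a mapping is dropped
        self.table: Dict[Tuple[str, int], Entry] = {}   # (proto, public port) -> entry
        self.by_inner: Dict[InnerKey, int] = {}          # reverse index -> public port

    def _allocate_port(self, proto: str) -> Optional[int]:
        """First unused public port at or above first_port (None when exhausted)."""
        for port in range(self.first_port, 65536):
            if (proto, port) not in self.table:
                return port
        return None

    def outbound(self, pkt: Packet, now: float) -> Optional[Packet]:
        """LAN -> Internet: learn the client process, rewrite the source to the public address."""
        key = (pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        public_port = self.by_inner.get(key)
        if public_port is None:
            if len(self.table) >= self.max_entries:
                return None                   # table full: the router drops the packet
            public_port = self._allocate_port(pkt.proto)
            if public_port is None:
                return None
            self.table[(pkt.proto, public_port)] = Entry(
                pkt.proto, pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port, now)
            self.by_inner[key] = public_port
        self.table[(pkt.proto, public_port)].last_seen = now
        out = replace(pkt, src_ip=self.public_ip, src_port=public_port)
        if pkt.proto == "tcp" and pkt.fin:
            self._forget(pkt.proto, public_port)   # simplified: real NATs wait for both FINs
        return out

    def inbound(self, pkt: Packet, now: float) -> Optional[Packet]:
        """Internet -> LAN: only packets matching a learned mapping get through."""
        entry = self.table.get((pkt.proto, pkt.dst_port))
        if entry is None:
            return None                       # unsolicited: no inside process asked for this
        if (pkt.src_ip, pkt.src_port) != (entry.remote_ip, entry.remote_port):
            return None                       # not the peer this mapping was created for
        entry.last_seen = now
        out = replace(pkt, dst_ip=entry.inner_ip, dst_port=entry.inner_port)
        if pkt.proto == "tcp" and pkt.fin:
            self._forget(pkt.proto, pkt.dst_port)  # same simplification as above
        return out

    def expire(self, now: float) -> int:
        """Drop mappings idle longer than idle_timeout; returns how many were removed."""
        stale = [k for k, e in self.table.items() if now - e.last_seen > self.idle_timeout]
        for proto, port in stale:
            self._forget(proto, port)
        return len(stale)

    def _forget(self, proto: str, public_port: int) -> None:
        e = self.table.pop((proto, public_port))
        del self.by_inner[(e.proto, e.inner_ip, e.inner_port, e.remote_ip, e.remote_port)]


if __name__ == "__main__":
    nat = NatRouter("203.0.113.5")
    req = Packet("tcp", "192.168.0.2", 2020, "198.51.100.10", 80)
    print("out:", nat.outbound(req, now=0.0))
    print("in: ", nat.inbound(Packet("tcp", "198.51.100.10", 80, "203.0.113.5", 3000), now=1.0))
    print("unsolicited:", nat.inbound(Packet("tcp", "192.0.2.99", 443, "203.0.113.5", 3002), now=2.0))
```

The peer check in `inbound` is why a NAT router behaves as a firewall even with no explicit rules: an inbound packet reaches a PC only if that PC's own outbound packet created the mapping, and only from the address and port it was talking to. The FIN handling is deliberately simplified; a real implementation tracks the full TCP close handshake before releasing the port.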

