Friday, June 12, 2015

routing behaviour (PAT/NAT) 



                                    |(eth0: 84.23.13.43)

                       +--------------+
                       |              |
                       |  NAT router  |
                       |              |
                       +--------------+
                         |(eth1: 192.168.0.1)
                         |
                 ----------------
                (                )
    +--+       (                  )

    |__|------(   192.168.0.0/24   )
   /____\      (                  )
   Host-A       (________________)
(192.168.0.2)




Assuming we have above network situation and a destination PAT/NAT rule configured on the NAT router for eth0 which forwards all incoming packages with destination port TCP/80 to Host-A (192.168.0.2) I have following question:




What happens when a Host-B (192.168.0.10) in the local networks sends a HTTP request to 84.23.13.43? Some routers seem to manage this situation correctly others not. Is there a technical expression describing this situation? How can I find out which router can manage such internal request on an external ip and which not?


Answer



The technical term for this would be NAT hairpinning or NAT U-turns. Not all home routers do this correctly, but those are off-topic here. Any router used in a professional environment would let you set this up properly.



Another way to "solve" this problem is split DNS views, where internally hostnames would resolve to the internal IP addresses instead of the external ones. In a more complex network I would be in favor of that, but for what you sketch above, NAT hairpinning is easier.


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...