Wednesday, November 14, 2007

Network Address Translation (NAT) and Home office Routers

The good news about local IP addresses is that they're invisible to the Internet as a whole. If network crackers can't see your IP address, breaking into your computer from the Internet is a lot harder. The bad news, of course, is that if your IP address is invisible to the Internet, it's kind of hard for a Web server to send you satellite weather images or anything else.

The solution is something called Network Address Translation (NAT). NAT is a software service that can run on a computer or (more commonly) inside a router. Quite simply, NAT translates a non-routable local IP address into a "normal," routable IP address. There are several different types of NAT software. I'm going to focus on the kind that runs inside a small router, because that's the place NAT runs in most simple home office networks.

If you create a home or small office network using a router or wireless gateway (gateways contain routers, so when I say "routers" in this I'm including gateways too), your router is the device that gets the IP address that you receive from your Internet Service Provider. Routers are the "entrance points" to networks, and your IP address is the address "over the door."

Anything you do using the TCP/IP protocol (which, over the Internet, is virtually everything you do) involves a connection between your computer and a computer somewhere else. A connection requires two ends, and both ends must have IP addresses. The hangup (as I mentioned earlier) is that a local IP address cannot be accessed beyond your router. To use the Internet from your computer, you must have a routable IP address.

NAT provides this. Take a look at Fig 1. This is a sketch of a very common home network setup: four computers, a router, and a switch. (In many or even most cases these days, the router and the switch are combined into a single unit. I break them out here for conceptual clarity.) Each of the network's four computers has a local, non-routable IP address. NAT is running inside the router. NAT keeps these local IP addresses in a table that it maintains within itself.

The router has a public, routable IP address that is the only address for the whole network that can be seen by the outside world. When a server or some other program needs to create a connection to one of the computers inside the network, the router takes its own public IP address and adds a TCP port number to that address. It tucks this "extended" IP address in its internal table beside the local IP address of the computer in question. Which port number isn't important, as long as it isn't already being used by anything in that particular network. (There are over 65,000 different port numbers, so finding a free one in a small network is rarely a problem.) In this way, NAT creates the table as a sort of "internal phone book" for the devices on its network. This table is not accessible from the Internet. Only NAT can read or change it.

When one of the computers inside the network wants to connect to a Web server, NAT takes the Web page request and places the extended IP address (the router's IP address plus a port number) into the request. When the Web server establishes a connection, it uses this extended IP address, and not the internal, local IP address of the computer to which it connects. The connection is thus established with the router, not the computer, and the router decides what material delivered from the Web server can reach the computer.

NAT thus provides two very important benefits to a small network:

1. It makes good use of scarce unique public IP addresses. Only one is needed for the network as a whole. Computers on the network all have local IP addresses, which may also be used locally by other networks, even millions of other networks.

2. It provides considerable security. No computer may connect to a computer inside the network without the router's consent and cooperation. Virtually all home office routers include both DHCP servers (which provide local IP addresses to devices on the network) and NAT servers, which intermediate between local IP addresses and the global Internet. Rounding out the equipment lineup on home routers is usually a switch with several hardware ports (no relation to TCP ports!) for plugging in computers and other network devices, like Wi-Fi access points.
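To make the "internal phone book" concrete, here is a small Python model of the NAT table described above and of the two benefits just listed. It is an added example written for this post, not code from any router vendor. The addresses (a public 203.0.113.7, local 192.168.1.x machines, a Web server at 198.51.100.20) are constructed sample values from the documentation address ranges, and the port-allocation and reply-checking rules are my own simplifying assumptions, not a description of any particular router's behaviour. It goes slightly beyond the text in one respect: the model also checks that an inbound packet comes from the server the inside computer actually contacted, which is one way a router "decides what material ... can reach the computer."

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

MAX_PORT = 65535  # TCP port numbers run 0..65535, hence "over 65,000"


@dataclass(frozen=True)
class Packet:
    """Just the header fields NAT cares about, plus a payload label."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    payload: str


class NatRouter:
    """Toy NAT: one public address shared by every computer behind it.

    The table maps (local_ip, local_port) to a public port the router
    picks, and remembers which outside host the connection was opened
    to so that only that host's replies are let back in (assumption:
    a simple address-restricted NAT; real routers vary).
    """

    def __init__(self, public_ip: str, first_port: int = 40000):
        self.public_ip = public_ip
        self._next_port = first_port
        # public_port -> (local_ip, local_port, remote_ip, remote_port)
        self.table: Dict[int, Tuple[str, int, str, int]] = {}
        # (local_ip, local_port, remote_ip, remote_port) -> public_port
        self._reverse: Dict[Tuple[str, int, str, int], int] = {}

    def _allocate_port(self) -> int:
        """Hand out the next unused public port; the pool is finite."""
        while self._next_port in self.table:
            self._next_port += 1
        if self._next_port > MAX_PORT:
            raise RuntimeError("NAT table full: no free public port")
        port = self._next_port
        self._next_port += 1
        return port

    def outbound(self, pkt: Packet) -> Packet:
        """Inside -> Internet: rewrite the source to public_ip:public_port."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self._reverse:
            public_port = self._allocate_port()
            self.table[public_port] = key
            self._reverse[key] = public_port
        public_port = self._reverse[key]
        return Packet(self.public_ip, public_port, pkt.dst_ip, pkt.dst_port, pkt.payload)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> inside: deliver only if the table says who asked.

        Returns the rewritten packet, or None when the router drops it
        (no matching entry, or the sender is not the host contacted).
        """
        if pkt.dst_ip != self.public_ip:
            return None
        entry = self.table.get(pkt.dst_port)
        if entry is None:
            return None  # unsolicited: nobody inside opened this
        local_ip, local_port, remote_ip, remote_port = entry
        if (pkt.src_ip, pkt.src_port) != (remote_ip, remote_port):
            return None  # came from the wrong outside host
        return Packet(pkt.src_ip, pkt.src_port, local_ip, local_port, pkt.payload)


def demo() -> dict:
    """Two inside machines, same local port, one public address."""
    nat = NatRouter("203.0.113.7")
    web = ("198.51.100.20", 80)
    a_out = nat.outbound(Packet("192.168.1.10", 51000, *web, "GET / from A"))
    b_out = nat.outbound(Packet("192.168.1.11", 51000, *web, "GET / from B"))
    # The server answers the extended address it saw, not the local one.
    reply_a = nat.inbound(Packet(*web, "203.0.113.7", a_out.src_port, "200 OK to A"))
    # Unsolicited probe to a port nobody inside opened: dropped.
    probe = nat.inbound(Packet("198.51.100.99", 80, "203.0.113.7", 40999, "probe"))
    # Right port, wrong outside host: also dropped.
    spoof = nat.inbound(Packet("198.51.100.99", 80, "203.0.113.7", a_out.src_port, "spoof"))
    return {"a_out": a_out, "b_out": b_out, "reply_a": reply_a,
            "probe": probe, "spoof": spoof, "table_size": len(nat.table)}


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Both inside machines used local port 51000, yet each gets its own public port behind the single public address, and a reply is only forwarded when a table entry says an inside computer asked for it. The `_allocate_port` check shows the one resource that can run out: the finite port pool the post counts as "over 65,000."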