两台计算机如何通过 NAT 连接到同一个外部地址? [英] How do two computers connect to same external address through NAT?

问题描述

如果我有两台内部计算机通过 NAT 路由器连接到同一个外部 IP 地址，路由器如何将流量传送到正确的内部计算机?据我了解，NAT 将传入数据包转发到最近将传出数据包发送到 [传入数据包] 发件人 IP 地址的计算机.由于两台计算机都发送到相同的地址，路由器是否将数据包转发给两者?如果是这样，客户端软件是否有责任确定哪些数据包是相关的?

If I have two internal computers connecting to the same external IP address through a NAT router, how is the router able to get the traffic to the correct internal computer? It is my understanding that NAT forwards incoming packets to the computer that recently sent outgoing packets to the [incoming packet's] sender's IP address. Since both computers are sending to the same address, does the router forward the packet to both? If that is the case, is it the responsibility of the client software to determine which packets are relevant?

如果两台计算机都尝试连接到同一个端口，是否有可能?

Is it possible if both computers are attempting to connect to the same port?

推荐答案

当你打开一个socket时，你需要寻址目标系统的一个端口，并在你自己的系统上打开一个共轭监听端口来接收任何响应.您必须向目标系统发送您的侦听端口.

When you open a socket, you need to address a port of the destination system and open a conjugate listening port on your own system to receive any response. You have to send the destination system your listening port.

有多个系统使用同一个调制解调器

当您启动网络浏览器并访问 www.google.com:80 时，您的浏览器会从系统获取/搜索免费的非系统共轭端口以进行侦听.假设共轭端口为 10000.监听端口用于接收来自 google 的 http 流.

When you start a web browser, and go to www.google.com:80, your browser obtains/searches for a free non-system conjugate port from the system for listening. Let us say, the conjugate port is 10000. The listener port is for receiving the http stream back from google.

然后你旁边的孩子也顺便浏览了 www.google.com:80 和他/她的 play station 或 xbox 的 google 会话——随便什么也被分配了共轭端口 10000.

Then your kid sitting next to you incidentally also browses www.google.com:80 and his/her google session of the play station or xbox-whatever also incidentally is assigned conjugate port 10000.

你们俩都坐在电缆调制解调器后面，而电缆调制解调器后面是您的无线路由器.并且您的两个系统都位于无线路由器之后 - 所有系统都按照网络拓扑的顺序排列.

Both of you are sitting behind a cable modem, and behind the cable modem is your wireless router. And both of your systems are behind the wireless router - All sitting in that sequence, network topology-wise.

防止路由器/调制解调器上的端口地址冲突

假设您的有线电视公司 DHCP 为您的调制解调器分配了 ip4 地址 72.72.72.72.但是您的无线路由器 DHCP 将 192.168.0.10 分配给您的系统，并将 192.168.0.11 分配给您孩子的系统.

Let us say that your cable company DHCP assigns your modem ip4 adress 72.72.72.72. But your wireless router DHCP assigns 192.168.0.10 to your system and to 192.168.0.11 to your kid's system.

当携带您的侦听器端口信息的帧通过您的 NAT 路由器时，它会转换一个或两个侦听端口.假设您的页面使用端口 15000，您孩子的页面使用端口 16000.

When the frame carrying the information of your listener ports passes thro your NAT router, it would translate either one or both listening- ports. Let's say port 15000 for your page and port 16000 for your kid's page.

然后，您的无线路由器会将来自 72.72.72.72:15000 和 72.72.72.72:16000 的请求发送到 Google 服务器.

Your wireless router then sends your requests to google server as coming from 72.72.72.72:15000 and 72.72.72.72:16000.

然后，谷歌服务器分别响应 72.72.72.72:15000 和 72.72.72.72:16000，当您的无线路由器遇到响应时，它会进入它存储的映射并将 72.72.72.72:15000 转换为 192.168.0.10:10000 到达您的系统，但将 72.72.72.72:16000 转换为 192.168.0.11:10000 以到达您孩子的系统.

The google server then responds individually to 72.72.72.72:15000 and 72.72.72.72:16000 and when you wireless router encounters the response, it reaches into the mapping that it has stored and translates 72.72.72.72:15000 to 192.168.0.10:10000 to reach your system but translates 72.72.72.72:16000 to 192.168.0.11:10000 to reach your kid's system.

运行 web/game/ftp/etc 服务器

但是，如果您的系统上运行着 Web 服务器或 ftp 服务器，该怎么办.如果您有两个系统并且都有一个 Web 服务器，并且两个 Web 服务器都在侦听端口 80，该怎么办?

But what if you have a web server or an ftp server running on your system. What if you have two systems and both have a web server and both web servers are listening on port 80?

假设您的第一个 Web 服务器系统的无线路由器注册/分配的本地 IP 地址是 192.168.0.30，而您的第二个 Web 服务器系统是 192.168.0.40.

Let us say the local ip addresses registered/assigned with your wireless router of your first web server system is 192.168.0.30 and your second web server system is 192.168.0.40.

无线路由器通常默认有一个配置网页 192.168.0.1:80，除非您更改它.页面上会有一个选项卡，您可以在其中定义/保留应用程序端口映射.

The wireless router would have a configuration web page usually by default 192.168.0.1:80, unless you changed it. There would be a tab to on the page where you could define/reserve application port mappings.

您可以在无线路由器上注册以保留映射

You could register with your wireless router to reserve the mapping

192.168.0.30:80 => outgoing port 8080
192.168.0.40:80 => outgoing port 8088

这样您就必须给您的朋友打电话，您的网络/游戏服务器可以通过分别为 72.72.72.72:8080 和 72.72.72.72:8088，无线路由器将阻止其端口 8080 和 8088 使用自己的动态 NAT.

So that you have to phone your friends your web/game servers are addressable through 72.72.72.72:8080 and 72.72.72.72:8088 respectively, where the wireless router would preclude its port 8080 and 8088 from its own dynamic NAT usage.

当然，72.72.72.72 与仅在您的 ISP DHCP 决定更新调制解调器的 ip4 地址为 72.72.90.200 之前一样好.之后，您必须给您的朋友打电话/发电子邮件并说嘿嘿，服务器地址分别改成了 72.72.90.200:8080 和 72.72.90.200:8088.或者您可以订阅动态 dns (ddns) 服务以使用命名域，其中 ddns 服务需要您在系统上安装一个简单的心跳实用程序来帮助他们监控地址变化.DDNS 翻译是一个单独的问题/策略.

Of course, 72.72.72.72 is as good as only before your ISP DHCP decide to renew the ip4 address of your modem to say, 72.72.90.200. After which you would have to phone/email your friends and say Hey, the servers' addresses have changed to 72.72.90.200:8080 and 72.72.90.200:8088 respectively. Or you could subscribe to dynamic dns (ddns) service to use a named domain where the ddns service will need you to install a simple heartbeat utility on your system to help them monitor the address variation. DDNS translation is a separate issue/strategy.

NAT 调制解调器

较新的 ISP 合同为您提供具有 NAT 的调制解调器.如果是这样，您必须关闭调制解调器上的一个或无线路由器上的一个.您不应该同时使用两者 - 翻译两次有什么意义，因为 NAT 只是为了防止地址冲突.当您从无线路由器关闭 NAT 时，它可以作为集线器交换机而不是路由器再运行，因此您可以使用其 LAN 插座而不是通过其 WAN 插座将其连接到调制解调器.

Newer ISP contracts supply you with a modem that has NAT. If so, you have to switch off either the one on your modem or the one on your wireless router. You should not use both - what's the point in translating twice because NAT is simply to prevent address collision. When you switch off NAT from your wireless router, it can operate as a hub switch and not a router anymore so that you could connect it to the modem using one of its LAN socket instead of thro its WAN socket.

这篇关于两台计算机如何通过 NAT 连接到同一个外部地址?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！