Solved

NAT, HTTP, and multiple internal IP's sharing an identical external IP

Posted on 2010-08-31
Last Modified: 2012-05-10
I have a novice understanding of NAT and the ways a router can present multiple (internal) IPs to the world using a single (external) IP. But I'm struggling to understand a pattern I have found across three different networks. In each case, I browse to one of the web sites that tells you what your IP address is, and different computers within a network all display the same IP address from the web site. From what I've learned about NAT, if they're all showing the exact same external IP, then the router is probably using port addressing to distinguish the different computers. But from what I understand about HTTP, it uses port 80, so the router would not be free to multiplex that value. Is there another NAT mechanism I'm missing that would allow multiple internal IPs to share an identical external IP?

Any help, or references to explanations, greatly appreciated.

Thanks!
Question by:ottenm
7 Comments
 
LVL 17

Accepted Solution

by:
pergr earned 500 total points
ID: 33567361
Port 80 is the destination TCP port.

Each packet sent has both source and destination IP address and port number.

So, if two users are behind the same NAT and send packets to the same external web server (2.2.2.2), the two packets may have, for example:

Source: IP 1.1.1.1, port 20000              Destination: IP 2.2.2.2, port 80

Source: IP 1.1.1.1, port 20001              Destination: IP 2.2.2.2, port 80

This way the web server will send back the correct reply to the right client - by answering to port 20000 and 20001, respectively.
0
 
LVL 9

Expert Comment

by:Tomas Valenta
ID: 33567414
NAT (Network Address Translation): on the router, when you define NAT, you configure how internal IPs are mapped to the available external IPs. In your scenario, the external router IP address is mapped to the local IP addresses. In every packet flowing out to the Internet, the router rewrites the source address to the NAT-configured external IP and maintains a translation table where all active translations are written.
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33567470
>But from what I understand about HTTP, it uses port 80, so the router would not be free to multiplex that value.

Correct, as long as there is a port forward (static PAT) the you can not create another another ANT for the IP and port, however, as long as the IP is different, you can have more than one static PAT per port:

Example:
PAT 1:
Public IP: 64.79.20.100 Port 80
mapped to internal: 192.168.20.100 Port 80

PAT2
Public IP: 64.79.20.101 Port 80
mapped to internal: 192.168.20.101 Port 80



>Is there another NAT mechanism I'm missing that would allow multiple internal IP's to share an identical external IP?

outgoing yes (This is call NAT overload)
Incoming now, typically you would have one webserver and then create name based sites.

http://httpd.apache.org/docs/1.3/vhosts/name-based.html

Billy
0

 

Author Comment

by:ottenm
ID: 33567477
I see, pergr! So the reply comes back to port 20000, which the router uses to rewrite to the correct internal IP and port 80 (just assuming here that the browser is listening on 80 for the reply). I was hung up on 80 not being changeable. Thanks for the help!
0
 
LVL 24

Expert Comment

by:rfc1180
ID: 33567492
I have a tendency not to check my grammar before I hit send:

Let's try this again:

>But from what I understand about HTTP, it uses port 80, so the router would not be free to multiplex that value.

Correct, as long as there is a port forward (static PAT) then you cannot create another NAT for the IP and port; however, as long as the IP is different, you can have more than one static PAT per port:

Example:
PAT 1:
Public IP: 64.79.20.100 Port 80
mapped to internal: 192.168.20.100 Port 80

PAT 2:
Public IP: 64.79.20.101 Port 80
mapped to internal: 192.168.20.101 Port 80



>Is there another NAT mechanism I'm missing that would allow multiple internal IP's to share an identical external IP?

Outgoing: yes (this is called NAT overload).
Incoming: no; typically you would have one webserver and then create name-based sites.

http://httpd.apache.org/docs/1.3/vhosts/name-based.html

Billy
0
 
LVL 17

Expert Comment

by:pergr
ID: 33567524
Port 80 is only for the server.

The PC (client and browser) is using different ports (higher port numbers). For example, you may run many browsers at the same time, many tabs, etc. Since it is always the client that initiates the connection, it does not need to use a specific port. However, we all need to know that the server listens on port 80.
0
 
LVL 16
ID: 33567567
Your question is a little confusing. You state that you're using a site like "whatismyip.com" to determine that all your private computers are behind the same public IP. That essentially is the definition of NAT/PAT.

What do you mean about

"But from what I understand about HTTP, it uses port 80, so the router would not be free to multiplex that value."

Multiplexing is the process of taking many data streams and combining them to flow over one medium. That's what your router does for you.

I guess I don't understand what you're really asking about using HTTP/80? Are you talking about redirecting inbound HTTP/80 traffic to a specific host on your private network? If so, that's called packet filtering or port forwarding.

MO
0
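The translation described in the answers above, as an added example that is not part of the original thread: a toy NAPT ("NAT overload") table in Python that reuses the 1.1.1.1 / 2.2.2.2 addresses and ports 20000/20001 from the accepted answer. The `Napt` class, the 192.168.0.x hosts and 3.3.3.3 are constructed for illustration, and replies are keyed on protocol and external port only, which is simpler than what real routers track.

```python
# Added example: toy NAPT table; class name and LAN addresses are constructed.
from itertools import count

class Napt:
    def __init__(self, external_ip, first_port=20000):
        self.external_ip = external_ip
        self._next_port = count(first_port)  # pool of external source ports
        self.out = {}     # (proto, int_ip, int_port) -> ext_port
        self.back = {}    # (proto, ext_port) -> (int_ip, int_port)
        self.static = {}  # (proto, ext_port) -> (int_ip, int_port), port forwards

    def add_port_forward(self, ext_port, int_ip, int_port, proto="tcp"):
        """Static PAT: only one internal host per (external IP, port)."""
        key = (proto, ext_port)
        if key in self.static:
            raise ValueError(f"{self.external_ip}:{ext_port} is already forwarded")
        self.static[key] = (int_ip, int_port)

    def outbound(self, src, dst, proto="tcp"):
        """Rewrite the source of a packet leaving the LAN; dst is untouched."""
        key = (proto, *src)
        if key not in self.out:
            ext_port = next(self._next_port)
            self.out[key] = ext_port
            self.back[(proto, ext_port)] = src
        return (self.external_ip, self.out[key]), dst

    def inbound(self, src, dst, proto="tcp"):
        """Map a packet arriving on the external IP back to an internal host."""
        key = (proto, dst[1])
        target = self.back.get(key) or self.static.get(key)
        if dst[0] != self.external_ip or target is None:
            return None  # no dynamic or static mapping: dropped
        return src, target

def demo():
    nat = Napt("1.1.1.1")
    web = ("2.2.2.2", 80)
    # Two LAN hosts that happen to pick the same client port.
    a = nat.outbound(("192.168.0.10", 50000), web)
    b = nat.outbound(("192.168.0.11", 50000), web)
    ra = nat.inbound(web, a[0])  # reply to 1.1.1.1:20000
    rb = nat.inbound(web, b[0])  # reply to 1.1.1.1:20001
    # Unsolicited inbound to port 80: dropped until a static PAT exists.
    unsolicited = nat.inbound(("3.3.3.3", 40000), ("1.1.1.1", 80))
    nat.add_port_forward(80, "192.168.0.20", 80)
    forwarded = nat.inbound(("3.3.3.3", 40000), ("1.1.1.1", 80))
    return a, b, ra, rb, unsolicited, forwarded
```

The dynamic table is also what ties an externally logged `1.1.1.1:20001` connection back to one internal host, so attribution behind a shared IP depends on the router keeping those mappings with timestamps.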
