Upload File

network address translator

22
Network Address Translator Teknik Informatika - AMIKOM STMIK AMIKOM Yogyakarta

Upload: ava-herman

Post on 30-Dec-2015

94 views

Category:

Documents


6 download

Report

DESCRIPTION

Network Address Translator. Teknik Informatika - AMIKOM STMIK AMIKOM Yogyakarta. Private Network. Private IP network adalah IP jaringan yang tidak terkoneksi secara langsung ke internet IP addresses Private can dirubah sesuai kebutuhan. - PowerPoint PPT Presentation

TRANSCRIPT

  • Network Address Translator

    Teknik Informatika - AMIKOMSTMIK AMIKOM Yogyakarta

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Private NetworkPrivate IP network adalah IP jaringan yang tidak terkoneksi secara langsung ke internet IP addresses Private can dirubah sesuai kebutuhan. Tidak teregister dan digaransi menjadi IP Global yang unikUmumnya, Jaringan private menggunakan alamat dari range experimental address (non-routable addresses): 10.0.0.0 10.255.255.255172.16.0.0 172.31.255.255192.168.0.0 192.168.255.255

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Private Addresses

    Cloud

    Ethernet

    Computer

    Bridge

    213.168.112.3

    H1

    H3

    10.0.1.1

    R2

    H4

    10.0.1.3

    10.0.1.2

    Private network 1

    Internet

    H5

    10.0.1.1

    Private network 1

    128.195.4.119

    H2

    10.0.1.2

    10.0.1.3

    128.143.71.21

    R1

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Network Address Translation (NAT)NAT adaah sebuah fungsi router yang memetakan alamat IP private (Lokal) ke alamat IP yang dikenal di Internet, shg jaringan private bisa internetanNAT merupakan salah satu metode yang memungkinkan host pada alamat private bisa berkomunkasi dengan jaringan di internetNAT jalan pada router yang menghubungkan antara private networks dan public Internet, dan menggantikan IP address dan Port pada sebuah paket dengan IP address dan Port yang lain pada sisi yang lain

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Operasi Dasar NATNAT device mempunyai Tabel Penterjemah

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Penggunaan Utama NATPooling IP addressMen-support perpindahan ISP tanpa harus merubah konfigurasi pada jaringan lokalIP masqueradingLoad balancing servers

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Pooling of IP addressesSkenario: Jaringan suatu perusahaan (Corporate Network) punya banyak host tapi hanya mempunyai beberapa IP publicSolusi NAT :Corporate network diatur dengan pengalamatan privateNAT device, ditempatkan diantara corporate network dan public Internet, menagtur pool IP publicKetika host dari corporate network mengirimkan paket ke host di internet, NAT akan memilih IP public mana yang dipakai dari pool address, dan mengikat alamat ini untuk private address tertentu

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Pooling IP addresses

    Cloud

    NamePosition

    CompanyAddress

    Tel:Fax:

    Ethernet

    Computer

    Bridge

    H1

    private address: 10.0.1.2public address:

    H5

    Private network

    Internet

    Source = 10.0.1.2Destination = 213.168.112.3

    Pool of addresses: 128.143.71.0-128.143.71.30

    Source = 128.143.71.21Destination = 213.168.112.3

    public address: 213.168.112.3

    NAT device

    Private Address

    PublicAddress

    10.0.1.2

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Men-support perpindahan ISPSkenario: Dalam CIDR, IP public pada corporate network di dapat dari service provider. Jika kita pindah ISP maka akan berubah pula IP Public-nya. Perlu perubahan ke semua komputer lokal di jaringan. Solusi NAT:Corporate network diatur dengan pengalamatan private NAT mempunyai entri static address translation yang mengikat IP Privat ke IP PublicPerpindahan ISP baru hanya membutuhkan update pada NAT. Perubahan tidak dicatat pada host lokal di jaringanNote:Perbedaan menggunakan NAT dengan Pooling adalah mapping IP Public dan IP Private dilakukan secara static

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Men-support perpindahan ISP

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    IP masqueradingBiasa disebut: Network address and port translation (NAPT), port address translation (PAT). Skenario: Single IP Public dipetakan ke multiple IP pada jaringan lokal. Solusi NAT:Corporate network diatur dengan pengalamatan privateNAT device memodifikasi nomor port dan IP ketika keluar ke jaringan internet

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    IP masquerading

    Cloud

    NamePosition

    CompanyAddress

    Tel:Fax:

    Ethernet

    Computer

    Bridge

    Internet

    128.143.71.21

    Source = 10.0.1.3Source port = 3020

    Source = 128.143.71.21Source port = 2100

    NAT device

    Private Address

    H1

    PublicAddress

    10.0.1.2/2001

    128.143.71.21/2100

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Load balancing of serversSkenario: Menyeimbangkan kerja sekumpulan server yang identik, yang diakses dari single IP address

    Solusi NAT:Server yang identik diberi nomor IP private/lokalNAT device berfungsi sebagai proxy yang diberi IP Public dimana request ke server melalui NATNAT akan merubah alamat tujuan paket yang datang ke salah satu IP server yang loadnya rendahKebijakan strategi Load Balancing Server untuk penugasan bisa menggunakan algoritma round-robin.

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Load balancing servers

    Cloud

    NamePosition

    CompanyAddress

    Tel:Fax:

    Server

    Mainframe

    Ethernet

    Computer

    Bridge

    Internet

    128.143.71.21

    Source = 128.195.4.120Destination= 128.143.71.21

    Source = 128.195.4.120Destination= 10.0.1.4

    Source = 213.168.12.3Destination = 128.143.71.21

    NAT device

    Private Address

    S3

    10.0.1.4

    10.0.1.3

    10.0.1.2

    PublicAddress

    PublicAddress

    10.0.1.2

    128.143.71.21

    Inside network

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Permasalahan Pada NATPerformance:Memodifikasi IP header dengan merubah IP address membutuhkan perhitungan kembali IP header checksumModifikasi port number membutuhkan recalculate TCP checksum

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Permasalahan NATEnd-to-end connectivity:NAT merusak universal end-to-end reachability host pada Internet. Host pada public Internet selalu tidak dapat menginisialisasi komunikasi ke host jaringan lokalPermasalahan menjadi buruk, ketika dua host di private butuh komunikasi dengan yang lain

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Permasalahan NATIP address pada data aplikasi:Aplikasi yang membawa IP Address dalam payload umumnya tidak bisa bekerja untuk melewati lingkungan jaringan private-public.Tidak semua aplikasi support NAT

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Konfigurasi NAT di LinuxLinux menggunakan paket iptables package untuk melakukan filter pada modul IP

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Konfigurasi NAT dengan iptableCOntoh: iptables t nat A POSTROUTING s 10.0.1.2 j SNAT --to-source 128.143.71.21 Pooling of IP addresses: iptables t nat A POSTROUTING s 10.0.1.0/24 j SNAT --to-source 128.128.71.0128.143.71.30ISP migration: iptables t nat R POSTROUTING s 10.0.1.0/24 j SNAT --to-source 128.195.4.0128.195.4.254IP masquerading: iptables t nat A POSTROUTING s 10.0.1.0/24 o eth1 j MASQUERADE Load balancing:iptables -t nat -A PREROUTING -i eth1 -j DNAT --to-destination 10.0.1.2-10.0.1.4

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    Workshop NAT

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    NAT Configuration

    Electronic Engineering Polytechnic Institut of Surabaya ITS Kampus ITS Sukolilo 60111

    NAT ConfigurationLakukan konfigurasi jaringan internal dengan Router seperti pada gambar.ifconfig eth0 downifconfig eth0 upifconfig eth0 no_ip netmask no_netmask broadcast no_brodcast uproute add -net default gw no_gwKonfigurasi pada router ifconfig eth0 downifconfig eth0 upifconfig eth0 no_ip_pertama_router netmask no_netmask broadcast no_brodcast upifconfig eth0:1 no_ip_kedua_router netmask no_netmask broadcast no_brodcast upecho 1> /proc/sys/net/ipv4/ip_forwardSetting router meneruskan data melalui gateway internet (dianggap gateway internet adalah 192.168.105.1# route add default gw 192.168.105.1 Setting Router sebagai NAT :# iptables t nat A POSTROUTING s IP_number -d 0/0 j MASQUERADE


Configuring Network Address Translation

Network Address Translation Overview

The Road to SDN: An Intellectual History of Programmable ......router, switch, firewall, network address translator, or some- ... of custom functionality to apply to a subset of packets

A Practical Look at Network Address Translation · A Practical Look at Network Address Translation ... typically the address of a network server, ... with them through static NAT

Network address translations

Research Article Quantum Neural Network Based Machine Translator for Hindi to English · 2019. 7. 31. · Research Article Quantum Neural Network Based Machine Translator for Hindi

Network Address Translation Overview - CiscoForALL · Network Address Translation Overview This lesson introduces Network Address Translation, its implementation and its considerations

Ethernet Network Appliance (with Network Address ...literature.rockwellautomation.com/idc/groups/literature/documents/...2 Ethernet Network Appliance (with Network Address Translation)

Network Address Translator dengan jaringan di internet •NAT jalan pada router yang menghubungkan antara private networks dan public Internet, dan menggantikan IP address dan Port

Table of Contentsstaging.fusionconnect.com/sites/default/files/pdfs/...a Network Address Translator (NAT). If your SoftSPOT is behind a NAT, your public IP address will typically be

A Practical Look at Network Address Translation · A Practical Look at Network Address Translation 5 Network Address Translation Network Address Translation (NAT) is a technology

Research Article Quantum Neural Network Based Machine Translator …downloads.hindawi.com/journals/tswj/2014/485737.pdf ·  · 2015-11-23Quantum Neural Network Based Machine Translator

Configuring Network Address Translation · Network Address Translation (NAT) NetworkAddressTranslation(NAT)isdesignedforIPaddressconservation.ItenablesprivateIPnetworks

How Does Transportation and Network Planning Address Network Planning Address Greenhouse Gas Emissions?

DC2591A: EasySMU: I2C Address Translator and Simple

A5-IPv6 ss2012 v4-7 - ict.tuwien.ac.at · RFC 1631 “The IP Network Address Translator (NAT)” may 1994 (obsoleted by RFC 3022) (Status: INFORMATIONAL) – RFC 3022 Traditional

Network Access Address Translations

Security of Patched DNS - BIUu.cs.biu.ac.il › ~herzbea › security › 12-04-derandomisation.pdf · IndexTerms—DNS security, DNS poisoning, Kamisky attack, Network Address Translator,

Network Address

Cisco ASR 5x00 Network Address Translation Administration ... · Network Address Translation Overview NAT Overview Cisco ASR 5x00 Network Address Translation Administration Guide

Network Address Translation (Nat)

NAT + VoIP - 國立臺灣大學acpang/course/voip_2004/slides/NAT_SIP_1.pdf · 4 What is NAT? NAT - Network Address Translation RFC 3022 - Traditional IP Network Address Translator

NAT: Network Address Translation

Network Address Translator (NAT, RFC 3022) - vsb.czwiki.cs.vsb.cz/pos/images/4/44/NAT.pdf · 2 Purpose of NAT Only a limited set of public addresses (or a single address) is used

Technical Note Title...Configuring the Synapse® SB67070 SIP Gateway for Broadvox GO! SIP Trunking ... Routing priority should be dynamic first, static second ... Network Address Translator

EGEE - ARESU - Architecture réseaux, expertise, …aresu.dsi.cnrs.fr/IMG/pdf/articles.05.EGEE.IPv6.DJRA4.3.pdf[R18] RFC 3022-Traditional IP Network Address Translator (Traditional

Network address translation pdf

Network Address Translator

Proxy Server, Network Address Translator, Firewallisg/IWT/SLIDES/Section-4.pdf · ¾The NAT device changes the destination IP address of arriving packets to one of the private addresses

Legacy Network Address Translator Traversal Using the … 06-07... · Agenda Host Identity Protocol (HIP) Network Address Translation (NAT) Legacy NAT traversal using HIP Conclusions

NAT – Network Address Translation

Network Address Translator Scopi e Problematiche Corso di Infrastrutture e servizi per reti geografiche - 01GQB di Vincenzo Buttazzo e Marco Vallini NAT

Regggional IP Addressing · 2013. 1. 10. · IPv4 Addressing Private Network Address RangePrivate Network Address Range IP Address Classful Address Range Number of host addresses

Network Address Translator - staffnew.uny.ac.idstaffnew.uny.ac.id/upload/198412092015041001/pendidikan/Modul 5 NAT.pdfPrivate Network LOGO Private IP network adalah IP jaringan yang

Lecture 8. TCP/IP Concepts Addressing Level Network-level address Network Address Used to route PDU through one network IP address or internet address