#4, 25th September 2009, jggimi

Sunsawe: to clarify Carpetsmoker's question:

We can assume your router does Network Address Translation (NAT), so that all of the devices behind it share one single Internet address, and the systems on the local network are using "private" Internet addresses in one of these three ranges, per RFC 1918:
  • 10.0.0.0 - 10.255.255.255 (10/8 CIDR)
  • 172.16.0.0 - 172.31.255.255 (172.16/12 CIDR)
  • 192.168.0.0 - 192.168.255.255 (192.168/16 CIDR)
These addresses are not used on the Internet itself; they are used in private networks.

Since all of the devices on your private LAN share the same Internet address, your router must keep track of the state of all sessions that go through it. This is automatic, for traffic that is initiated inside your LAN, headed out to the Internet. However, for -services- you operate, such as FTP, there is no pre-existing state to keep track of -- incoming traffic to the router from the Internet has to go somewhere, and your router must be told where on your LAN to forward it.

See your router owner's manual.

---

So a NAT router acts something like a firewall, in that if you have not set up a service on it, any unanticipated incoming traffic will be rejected, since the router doesn't know what to do with it.
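Added example, not part of jggimi's post: a toy Python model of the behavior described above, where outbound sessions create state automatically and unsolicited inbound traffic is dropped unless a forward has been configured. The class and function names are hypothetical, the addresses are constructed from documentation ranges, and the exact-match state lookup is a simplifying assumption; real routers differ in how strictly they match return traffic.

```python
import ipaddress

# The three RFC 1918 private ranges listed in the post.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

class NatRouter:
    """Hypothetical model: one public address, a state table, static forwards."""
    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.states = {}    # (public_port, remote_ip, remote_port) -> (lan_ip, lan_port)
        self.forwards = {}  # public_port -> (lan_ip, lan_port)
        self.next_port = 40000  # assumed starting point for translated source ports

    def outbound(self, lan_ip, lan_port, remote_ip, remote_port):
        """A LAN host opens a session; the router records state on its own."""
        if not is_rfc1918(lan_ip):
            raise ValueError("LAN source must be an RFC 1918 address")
        public_port = self.next_port
        self.next_port += 1
        self.states[(public_port, remote_ip, remote_port)] = (lan_ip, lan_port)
        return (self.public_ip, public_port)

    def add_forward(self, public_port, lan_ip, lan_port):
        """The step the owner's manual covers: tell the router where a service lives."""
        self.forwards[public_port] = (lan_ip, lan_port)

    def inbound(self, remote_ip, remote_port, public_port):
        """Return the LAN destination, or None when the packet is dropped."""
        key = (public_port, remote_ip, remote_port)
        if key in self.states:
            return self.states[key]            # reply to a session started inside
        return self.forwards.get(public_port)  # configured service, else None

if __name__ == "__main__":
    r = NatRouter("203.0.113.5")                      # constructed public address
    print(r.outbound("192.168.1.10", 51000, "198.51.100.7", 80))
    print(r.inbound("198.51.100.7", 80, 40000))       # reply: translated back
    print(r.inbound("198.51.100.9", 40000, 21))       # unsolicited FTP: None
    r.add_forward(21, "192.168.1.20", 21)             # forward the FTP control port
    print(r.inbound("198.51.100.9", 40000, 21))       # now reaches the LAN server
```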