* Original link:
http://www.alumni.caltech.edu/~dank/peer-nat.html
- This is an article about what is commonly called UDP relay. Thanks to 레이옷 for sharing practical experience.
The situation
The Internet is based on 32-bit IP (Internet Protocol) addresses, which means the theoretical maximum number of computers on the Internet is 4 billion or so. The practical limit is much lower, due to inefficiencies in how IP addresses are used. In fact, the Internet may be only a few years away from running out of IP addresses.
As IP addresses became scarce, a technique known as Network Address Translation, or NAT, was developed to allow the use of a single IP address for a whole network of computers.
A NAT sits in between the public Internet and the network it serves, and works by rewriting IP addresses and port numbers in IP headers on the fly so the packets all appear to be coming from (or going to) the single public IP address of the NAT device instead of the actual source or destination.
NAT is now commonly employed in small home-office routers and in software used by consumers to connect several personal computers to a single cable modem. It is even used by some Internet service providers.
(NAT is not the only possible solution; proxy servers are also commonly used, but require more configuration, and sometimes require custom client software. Eventually, we'll all switch to IPv6, which will have 128-bit addresses, and will solve the problem once and for all, but that's probably not going to be commonplace for many years.)
Some Protocols Aren't NAT-Friendly
Some applications send IP addresses or port numbers hidden inside their data packets, where NAT can't properly rewrite them - so those applications don't work when you try to use them on computers behind NATs.
Some NATs, for security reasons, only allow incoming traffic from an outside address if an outgoing packet has already been sent to that outside address. This means that two people behind different NATs can't open up connections to each other in the usual way - ever!
The Solution
Peer-to-peer protocols that wish to be NAT-friendly must be aware that any addresses they embed in their data packets may be invalid once the packets pass through the NAT, and compensate accordingly. One way to do this is as follows:
All traffic between peers goes through a single UDP port. First, there must be an address server that is not behind a NAT. Users first connect to the address server, then send it the IP address they think they have; the server records both the address in the UDP header and the address written inside the packet. The server then sends both addresses to the other peers. At this point, everybody knows everybody else's addresses.
To open P2P connections, all existing peers send a UDP packet to the new peer, and the new peer sends a UDP packet to each of the existing peers. Because nobody knows at first whether they are behind the same NAT, the first packet must always be sent to both the public and the private address.
This causes every user's NAT to open a bidirectional hole for the UDP traffic. Once the first reply arrives from each peer, the sender knows which address to use and can stop sending to both addresses.
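The registration and hole-punching steps above can be traced in a small in-memory model. This is an added example, not code from the original page: it assumes two peers behind different NATs that keep the source port and admit inbound packets only from endpoints the inside host has already sent to, and every address, port and name in it is constructed.

```python
# Added example: in-memory model of the rendezvous and hole-punch steps.
# Every address, port and name here is constructed for illustration.
SERVER = ("203.0.113.10", 7000)           # address server, not behind a NAT

class NAT:
    """Keeps the source port; admits inbound only from endpoints the
    inside host has already sent to (the filtering described above)."""
    def __init__(self, public_ip):
        self.public_ip, self.inside, self.holes = public_ip, {}, set()

    def outbound(self, src, dst):
        self.inside[src[1]] = src          # one public port per private port
        self.holes.add((src[1], dst))      # hole toward this remote only
        return (self.public_ip, src[1])    # source address seen outside

    def inbound(self, src, dst):
        return self.inside[dst[1]] if (dst[1], src) in self.holes else None

def send(nats, nat, src, dst):
    """Return the source address the receiver sees, or None if dropped."""
    seen = nat.outbound(src, dst)
    if dst == SERVER:
        return seen
    target = nats.get(dst[0])              # private dst is unroutable here
    return seen if target and target.inbound(seen, dst) else None

def punch():
    nat_a, nat_b = NAT("198.51.100.1"), NAT("192.0.2.1")
    nats = {n.public_ip: n for n in (nat_a, nat_b)}
    peers = {"A": (nat_a, ("192.168.0.5", 4000)),
             "B": (nat_b, ("10.0.0.7", 4000))}
    # Step 1: register; server keeps (claimed private, observed public).
    table = {name: (priv, send(nats, nat, priv, SERVER))
             for name, (nat, priv) in peers.items()}
    # Step 2: A, then B, then A again send to both candidates of the peer.
    log = []
    for sender, peer in (("A", "B"), ("B", "A"), ("A", "B")):
        nat, src = peers[sender]
        for cand in table[peer]:
            log.append((sender, cand, send(nats, nat, src, cand) is not None))
    return table, log

if __name__ == "__main__":
    table, log = punch()
    for sender, cand, ok in log:
        print(sender, "->", cand, "delivered" if ok else "dropped")
```

A's first packet to B's public address is dropped but opens A's own hole, so B's packet gets in and A's retry then succeeds; the private candidates never deliver because the peers are not on the same network.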
What's Needed for This to Work
In terms of the existing NAT RFCs, a NAT device that wants to support this approach must have the following property:
The NAT must not change the number of UDP ports used to send packets.
Corollary:
If a host behind the NAT sends packets from a single UDP port, the packets relayed by the NAT also appear to come from a single UDP port of a single host.








