Netopia R910 manual Understanding Netopia NAT Behavior C-189, Workstation A

Understanding Netopia NAT Behavior C-189

When the Netopia R910 receives this IP packet, it cannot simply forward it to the WAN interface and the Internet since the IP addresses on the LAN interface are not valid or globally unique for the Internet. Instead, the Netopia R910 has to change the IP packet to reflect the IP address that was acquired on the WAN interface from the ISP.

The Netopia R910 will first substitute the source IP address with the IP address that was acquired on the WAN interface, which in this case is 200.1.1.40. Next the Netopia R910 will substitute the source TCP or UDP port with a TCP or UDP port from within a specified range maintained within the Netopia R910. And finally the modified IP packet's checksum is recalculated (as specified in RFC 1631) and the packet is transmitted across the WAN interface to its destination, the WWW server on the Internet.

If the send and response IP packets were drawn out, this process would look like the following:

As you can see, the IP packet from Workstation A is sent to the Netopia R910 and the source IP address is substituted with 200.1.1.40 and the source port is substituted with 5001, then the IP packet checksum is recalculated. When this modified packet reaches the WWW server on the Internet, the WWW server responds and sends the IP packet back to destination IP address 200.1.1.40 and destination port 5001.

When the Netopia R910 receives this IP packet from the WWW server, the Netopia R910 replaces the destination IP address with 192.168.5.2, the address for Workstation A. The port is changed back to 400, the IP packet checksum is recalculated, and the IP packet is sent to Workstation A on the Netopia R910s LAN interface.