Network Address Port Translation
Residential network connections via cable or DSL are usually allocated only a single public IP address. Because end users often want to operate several internet-enabled devices at home, they typically use a small router that maps an internal network with multiple IP addresses onto the single address provided by the ISP. This is referred to as Network Address Port Translation (NAPT) or just Network Address Translation (NAT).

Assume a home network connected by a wireless router that provides NAT as well as a DHCP server. On the wireless network there are a Desktop, a Laptop and a Video Game Console, which are switched on and used in this order. The external IP address of the router is 71.204.145.120 and its internal IP address is 192.168.1.1. The DHCP server on the router is configured to hand out IP addresses on the network 192.168.1.1 with netmask FF:FF:00:00 (255.255.0.0 in dotted-decimal notation).
(a.) Draw the topology of the network with the router after all devices are switched on (you can omit any hosts between the wireless router and myth18). The topology should include IP addresses and netmasks where known.
(b.) After all three hosts on the wireless network are switched on they connect to a web server running on myth18.stanford.edu. What IP addresses will the web server on myth18 record for the web requests coming from the Laptop, Desktop and Video Game Console?
(c.) Both the Laptop and the Desktop have an SSH server running on port 22. Is it possible to connect from myth18 to these SSH servers? If yes, explain the steps involved in setting up the connection. If no, explain why it is not possible.
(d.) Is there an upper limit for the maximum number of parallel UDP connections from hosts on the local network of the router to servers on the internet? If yes, what is this maximum?
Solution
A single listening port can accept more than one connection simultaneously.
There is a "64K" limit that is often cited, but that is per client per server port, and needs clarifying.
Each TCP/IP packet has basically four fields for addressing; these are: source IP address, source port, destination IP address and destination port.
Inside the TCP stack, these four fields are used as a compound key to match up packets to connections (i.e. to the sockets behind the file descriptors).
If a client has many connections to the same port on the same destination, then three of those fields are the same; only the source port varies to differentiate the connections. Ports are 16-bit numbers, so the maximum number of connections any given client address can have to any given host port is 64K (2^16 = 65536, fewer in practice because of reserved ports and the configured ephemeral range).
However, multiple clients can each have up to 64K connections to some server's port, and if the server listens on multiple ports, or either side is multi-homed, you can multiply that further.
So the real limit is file descriptors. Each socket is given a file descriptor, so the limit is really the number of file descriptors the system has been configured to allow and has the resources to handle. The default system-wide ceiling on Linux is typically in the hundreds of thousands and is configurable, e.g. with sysctl (fs.file-max) and the per-process ulimit -n.
Realistic figures reported for ordinary machines are around 80K concurrent connections, for example for single-threaded Jabber messaging servers.
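The following is an added example, not part of the original exercise or the solution above. It is a small NAPT table simulator written to make the answers to (b), (c) and (d) concrete and to tie them to the per-destination 64K limit discussed above: every LAN host leaves the router as 71.204.145.120; an unsolicited inbound SSH packet from myth18 has no table entry and is dropped unless a static forwarding entry exists; and the number of parallel flows to one server is bounded by the 16-bit external port space. Assumptions that are not in the original text: the router hands out external ports 1024-65535, keys dynamic mappings on the full (protocol, source, destination) tuple, and supports static "port forwarding" entries. The LAN addresses of the three hosts (.2, .3, .4) and the internet servers used below are constructed.

```python
"""Added NAPT simulator (illustrative; not the exercise's reference solution)."""
from dataclasses import dataclass, field

FIRST_EXT_PORT, LAST_EXT_PORT = 1024, 65535     # assumed external port range on the router


@dataclass
class _PortPool:
    """External ports handed out towards one (proto, dst_ip, dst_port)."""
    next_port: int = FIRST_EXT_PORT
    freed: list = field(default_factory=list)

    def take(self):
        if self.freed:                         # recycle a port released by close()
            return self.freed.pop()
        if self.next_port > LAST_EXT_PORT:     # 16-bit space exhausted for this destination
            return None
        port, self.next_port = self.next_port, self.next_port + 1
        return port


class NAPT:
    def __init__(self, external_ip):
        self.external_ip = external_ip
        self.out = {}     # (proto, int_ip, int_port, dst_ip, dst_port) -> ext_port
        self.back = {}    # (proto, ext_port, dst_ip, dst_port) -> (int_ip, int_port)
        self.static = {}  # (proto, ext_port) -> (int_ip, int_port): "port forwarding"
        self.pools = {}   # (proto, dst_ip, dst_port) -> _PortPool

    def outbound(self, proto, int_ip, int_port, dst_ip, dst_port):
        """LAN -> internet packet: the rewritten (src_ip, src_port), or None if the table is full."""
        key = (proto, int_ip, int_port, dst_ip, dst_port)
        ext_port = self.out.get(key)
        if ext_port is None:
            pool = self.pools.setdefault((proto, dst_ip, dst_port), _PortPool())
            ext_port = pool.take()
            if ext_port is None:
                return None
            self.out[key] = ext_port
            self.back[(proto, ext_port, dst_ip, dst_port)] = (int_ip, int_port)
        return (self.external_ip, ext_port)

    def inbound(self, proto, remote_ip, remote_port, ext_port):
        """Internet -> LAN packet: the (int_ip, int_port) to deliver to, or None (packet is dropped)."""
        hit = self.back.get((proto, ext_port, remote_ip, remote_port))
        if hit is None:
            hit = self.static.get((proto, ext_port))   # only way in without a prior outbound packet
        return hit

    def forward_port(self, proto, ext_port, int_ip, int_port):
        """Static mapping an administrator adds so an inbound connection reaches one chosen LAN host."""
        if (proto, ext_port) in self.static:
            raise ValueError(f"external port {ext_port}/{proto} is already forwarded")
        self.static[(proto, ext_port)] = (int_ip, int_port)

    def close(self, proto, int_ip, int_port, dst_ip, dst_port):
        """Drop a dynamic mapping (TCP FIN/RST seen, or UDP idle timeout) and recycle its port."""
        ext_port = self.out.pop((proto, int_ip, int_port, dst_ip, dst_port))
        del self.back[(proto, ext_port, dst_ip, dst_port)]
        self.pools[(proto, dst_ip, dst_port)].freed.append(ext_port)


def fill_udp_flows(nat, dst_ip, dst_port):
    """Open UDP flows from successive LAN hosts to one server until the NAT refuses; returns how many fit."""
    count, host = 0, 2
    while True:
        for src_port in range(1024, 65536):     # each LAN host has its own 16-bit source port space
            if nat.outbound("udp", f"192.168.1.{host}", src_port, dst_ip, dst_port) is None:
                return count
            count += 1
        host += 1


if __name__ == "__main__":
    nat = NAPT("71.204.145.120")
    # (b) Desktop, Laptop, Console (constructed LAN addresses) fetch a page from myth18
    for host in ("192.168.1.2", "192.168.1.3", "192.168.1.4"):
        print(host, "->", nat.outbound("tcp", host, 40000, "myth18.stanford.edu", 80))
    # (c) myth18 opens SSH to the router's public address: no mapping, so the SYN is dropped
    print("ssh without forwarding:", nat.inbound("tcp", "myth18.stanford.edu", 50000, 22))
    nat.forward_port("tcp", 22, "192.168.1.3", 22)       # forward external 22 to the Laptop
    nat.forward_port("tcp", 2222, "192.168.1.2", 22)     # the Desktop needs a different external port
    print("ssh after forwarding:", nat.inbound("tcp", "myth18.stanford.edu", 50000, 22))
    # (d) UDP flows to one server are capped by the external port space
    print("max UDP flows to 8.8.8.8:53 =", fill_udp_flows(NAPT("71.204.145.120"), "8.8.8.8", 53))
```

Because the simulator keys mappings on the full tuple, the same external port can be reused towards different servers and the cap is per (protocol, destination IP, destination port), which is the per-destination reading of the 64K figure above. A router that instead assigns a globally unique external port to every flow, regardless of destination, hits the same cap for the whole LAN at once, so the practical limit on a real home router is usually its translation-table memory rather than the port space.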
