There is an answer explaining in simple terms how a router works translating requests from the local network to outside and back (https://superuser.com/questions/105838/how-does-router-know-where-to-forward-packet) what is not clear - for how long a record in the NAT is kept?
For example, if I send a UDP request to 25.34.11.56:3874 and my local endpoint is 192.168.1.21:54389 the router rewrites the request packet and adds a record to the NAT. Let's say the external endpoint will be 68.55.32.89:34535. Then the computer which received my request responds to the 68.55.32.89:34535 and the packet it forwarded to the local 192.168.1.21:54389 in accordance with the NAT record. What happens after that to the records?
What if the 25.34.11.56:3874 decides to send a request to my external endpoint 68.55.32.89:34535 after 10 or 100 minutes? Will it still be forwarded by the router to the 192.168.1.21:54389?
Let's say there is another remote computer with the endpoint 55.43.77.98:8765. What will happen if this computer sends a request to my external endpoint 68.55.32.89:34535? Will it be forwarded to the local 192.168.1.21:54389 or will it be filtered out by the router because the remote endpoint does not match 25.34.11.56:3874 which was initially used for the first request and for the NAT record?
By default, the dynamic entries are held in the NAT table for 86,400 seconds (24 hours). You can change this time with the command ip nat translation timeout to any time between 0 and 2,147,483,647 seconds (approximately 68 years).
Using Network Address Translation (NAT) Dispatcher capability removes the limitation for the backend servers to be on a locally attached network. With the NAT forwarding method, Dispatcher load balances the incoming request to the server. The server returns the response to Dispatcher.
The destination makes a connection request back to the router with the router's IP address and a specified port. The router checks the NAT table for the specific IP address/port combination to see if there's an open connection. If there is, the request is then passed along to the correct device on the internal network.
Port forwarding does not affect other devices on the network. It only affects the host device's connection and how it communicates with other devices on the internet. Therefore, it will not affect other devices' connectivity or how they communicate with other devices on the internet.
It depends.
According to Section 4.3 of RFC 4787, the UDP timeout of a NAT should not be smaller than 2 minutes (120 seconds), except for selected, well-known ports. In practice, however, routers tend to use smaller timeouts. For example, OpenWRT 14.07 uses a timeout of just 60 seconds.
For TCP, the timeouts can be much larger, since TCP connections are usually terminated by an explicit FIN/FIN-ACK exchange. For established TCP connections, Section 5 of RFC 5382 specifies a timeout of no less than 2 hours 4 minutes (7204 seconds), and OpenWRT uses 7440 seconds.
Concerning your second question, most NATs maintain mappings that are specific to a pair of endpoints (socket addresses). If a host A inside the NAT sends a datagram to socket adress B, then the mapping will only apply to communication between A and B — a different host C outside the NAT will not be able to use that particular mapping to send data to A. (Some so-called full cone NATs allow that, but they are fairly rare.)
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With