Proxy Servers and Address Translation

Proxy Server

A proxy server is an application that acts as an intermediary between internal and external networks for processing requests. Proxy servers hide internal networks and hence provide an additional layer of security. They are used to share an Internet connection across multiple computers, such as in an Internet café. Some proxy servers, referred to as caching proxies, cache resources such as web pages and videos to prevent content from being re-downloaded, thus saving network bandwidth. Proxy servers can also be used to restrict or bypass Internet access.

For an example of a caching proxy, look at the above illustration. All clients and the proxy server are connected to a centralized switch, which in turn is connected to the Internet. When Client 1 requests a website, the request is forwarded to the proxy server. If the content is not available in its cache, the proxy server forwards the request outside this network and provides Client 1 with the corresponding content once it has received it and stored it in its cache. When Client 2 requests the same website, the proxy server searches its cache and, if the content is available, provides it to Client 2 instantly. This saves network traffic as the request is processed internally.

Notable proxy servers include Winproxy, Wingate, Microsoft Proxy Server, Squid, etc.

NAT

Network Address Translation or NAT is the process of modifying a private IP address to a public address and vice versa. NAT is commonly used where a single public address is used to share Internet access among multiple computers and hence multiple private IP addresses. NAT has been widely used in home, small and medium, and enterprise networks for more than a decade due to IPv4 address exhaustion. A classic example is the Internet café (also referred to as a browsing center), which uses a single public IP address among multiple clients that have private IP addresses.

For example, look at the illustration. The ISP has issued a public address of 202.12.12.18 for this connection (WAN interface), which is connected to a NAT device. The NAT device's internal IP address (LAN interface) is 192.168.1.1, and the clients are assigned 192.168.1.2 and 192.168.1.3, which are private IP addresses. Clients cannot send any request directly to 73.12.34.54 as it's a public IP address. Listed below is the NAT process in this case:

  1. Client 1 sends a request to 73.12.34.54.
  2. LAN interface assigned with IP 192.168.1.1 receives the request.
  3. NAT software on the Router replaces 192.168.1.1 with 202.12.12.18 and sends the request to 73.12.34.54.
  4. 73.12.34.54 replies to 202.12.12.18.
  5. NAT software replaces 202.12.12.18 with 192.168.1.1 based on its NAT table.
  6. Reply is sent to 192.168.1.2.

The process is repeated for all other clients in the network. Thus, although they are assigned private IP addresses, computers in a network can access the Internet by using a single public IP address.
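
The translation process above, as an added example that is not part of the original page: a small Python model of a NAT table using the illustration's addresses. It goes beyond the steps listed by also tracking port numbers (an assumption, as are the port values and class names), which is how replies for two clients sharing 202.12.12.18 reach the right private address and why traffic with no table entry is dropped.

```python
from dataclasses import dataclass, field

PUBLIC_IP = "202.12.12.18"  # WAN address from the page's illustration

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int

@dataclass
class Nat:
    public_ip: str = PUBLIC_IP
    next_port: int = 40000  # assumed start of the translated port range
    # (private ip, private port, remote ip, remote port) -> public port
    out_map: dict = field(default_factory=dict)
    # (public port, remote ip, remote port) -> (private ip, private port)
    in_map: dict = field(default_factory=dict)

    def outbound(self, pkt):
        """Rewrite the private source to the public address and record the mapping."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if key not in self.out_map:
            port = self.next_port
            self.next_port += 1
            self.out_map[key] = port
            self.in_map[(port, pkt.dst_ip, pkt.dst_port)] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, self.out_map[key], pkt.dst_ip, pkt.dst_port)

    def inbound(self, pkt):
        """Restore the private destination of a reply; None means no table entry."""
        entry = self.in_map.get((pkt.dst_port, pkt.src_ip, pkt.src_port))
        if pkt.dst_ip != self.public_ip or entry is None:
            return None  # unsolicited traffic has no mapping, so it is dropped
        return Packet(pkt.src_ip, pkt.src_port, entry[0], entry[1])

def demo():
    nat = Nat()
    server = ("73.12.34.54", 80)
    # Constructed sample traffic: both clients happen to pick the same source port.
    out1 = nat.outbound(Packet("192.168.1.2", 51000, *server))
    out2 = nat.outbound(Packet("192.168.1.3", 51000, *server))
    reply1 = nat.inbound(Packet(*server, out1.src_ip, out1.src_port))
    reply2 = nat.inbound(Packet(*server, out2.src_ip, out2.src_port))
    stray = nat.inbound(Packet("73.12.34.54", 80, PUBLIC_IP, 45000))
    return out1, out2, reply1, reply2, stray
```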

SOHO Routers are NAT devices widely found in home and small business networks.

Because NAT devices route traffic between public and private IP addresses in both directions, they are commonly referred to as routers.

SOHO Routers usually have:

  • WAN Port, for connecting to the Internet
  • LAN Ports, for connecting 4 to 8 computers using RJ-45 & UTP
  • Access Point (Wireless Router Models), for connecting computers using WLAN

Internet Connection Sharing (ICS)

Internet Connection Sharing is a feature of the Windows operating system that enables you to share Internet access with other computers on a network. ICS can be used when no Wi-Fi routers or other NAT devices are available, and also on dial-up, DSL, cable, WiMAX and other connections.

ICS has a built-in DHCP service that automatically allocates an IP address, gateway IP address and DNS IP address to other computers when they connect. ICS DHCP uses the reserved range of 192.168.0.2 to 192.168.0.254, and this range cannot be changed.

When the second computer connects (or is turned on), ICS automatically assigns an IP address from the ICS reserved range and allows the second computer to use the Internet connectivity available on the first computer.
