I have some doubts based on ALG and Firewall that are related to NAT. Please correct me if my questions are also wrong.
-
NAT is handled by router, and it gives a public address ( routers ip address ) to the all host who are connected. All router is having capability for NAT. So does that mean a group of hosts in a single network, untill they are not connected to outside network ( WAN ), the NAT concepts does not apply on the router ?
-
Among Control Plane and Data Plane, which one is responsible for forwarding the data of a private network and which one is responsible for mapping between the tupples ( private ip & port, public ip & port ). This question leads to another, like a router having ARP cache table, is ther any table maintained for NAT ? If yes what is that called ? If No then how it handles NAT ?
-
What is the difference between ALG and Firewall, because I was thinking like ALG is the firewall.
-
As per IANA Private ports range is between 49152 to 65535 but some linux also follows 32768 to 61000. So if a Application use 40,000 port which is not been used in another system ( because of IANA rule ), how this is handled ?
IF THERE IS ANY OTHER QUESTIONS POSSIBLE REGARDING NAT PLEASE POST IT, I WOULD LIKE TO KNOW
Thank You
Best Answer
If I understand your question correctly, the NAT router translates addresses as data moves from the "inside" to the "outside." If traffic doesn't pass through the router, there is no translation.
"Control plane" and "data plane" are conceptual terms. There isn't always a correspondence to hardware or software. That said, forwarding traffic is the function of the data plane.
The terms ALG, firewall, layer3 switch, etc have no fixed definition. They get defined by the manufacturers and can mean whatever they want it to mean. But generally speaking, an ALG often performs the same functions as a firewall.
TCP/IP can't read IANA specifications, so a port is a port, no matter what number is used. They are all handled (and translated) the same way.