2 inverse masquerading, Ading” (’inverse masquerading – Lancom Systems LCOS 3.50 User Manual

LANCOM Reference Manual LCOS 3.50

̈

Chapter 7: Routing and WAN connections

78

Routing and

W

A

N

con

n

ections

7.3.2

Inverse masquerading

This masking operates in both directions: The local network behind the IP
address of the router is masked if a computer from the LAN sends a packet to
the Internet (simple masquerading).

If, on the other hand, a computer sends a packet from the Internet to, for
example, an FTP server on the LAN (’exposed host’), from the point of view of
this computer the router appears to be the FTP server. The router reads the IP
address of the FTP server in the LAN from the entry in the service table. The
packet is forwarded to this computer. All packets that come from the FTP
server in the LAN (answers from the server) are hidden behind the IP address
of the router.

The only small difference is that:

̈

Access to a service (port) in the intranet from outside must be defined in
advance by specifying a port number. The destination port is specified
with the intranet address of, for example, the FTP server, in a service table
to achieve this.

̈

When accessing the Internet from the LAN, on the other hand, the router
itself makes the entry in the port and IP address information table.
The table concerned can hold up to 2048 entries, that is it allows 2048
simultaneous transmissions between the masked and the unmasked
network.

After a specified period of time, the router, however, assumes that the
entry is no longer required and deletes it automatically from the table.

Source: 80.123.123.123

Target: 80.146.74.146, Port 21

Ports

Target IP

20 to 21

10.0.0.10

IP: 10.0.0.10