With the development of the Internet, the shortage of IP addresses has become an increasingly severe problem. At present, NAT (network address translation) technology is a principal method of solving this problem. NAT is a technology that translates a private network address into a public network address. In a local area network, each internal node occupies one internal address (that is, an address inside the local area network, which is also referred to as a private network address). When the internal node needs to communicate with an external network, the internal address that the internal node occupies may be translated into a public network address by the NAT technology, thereby realizing normal communication between the internal node in the local area network and the external network. Thus, by the NAT technology, multiple computers can share one public network address (IP address), so as to solve the problem of the shortage of public IP addresses.
The internal address is used inside the local area network. In other words, a private network address may not be assigned on the Internet (i.e. the public network). The private network addresses include:
10.0.0.0 ~ 10.255.255.255
172.16.0.0 ~ 172.31.255.255
192.168.0.0 ~ 192.168.255.255
The public network addresses include:
0.0.0.0 ~ 126.255.255.255
128.0.0.0 ~ 191.255.255.255
192.0.0.0 ~ 223.255.255.255
In practical application, each corporation or organization may select suitable private network addresses according to its number of hosts. Private network addresses used by different corporations or organizations may be identical or different.
FIG. 1 is a schematic diagram of realizing a NAT service in the prior art. In the computer network shown in FIG. 1, the network addresses used inside one local area network are in the network segment 10.0.0.0, and the external public network address is 202.196.3.23. When a host with the internal network address 10.1.1.48 inside the local area network needs to access a server with the address 202.18.245.251 outside the local area network in a www manner, the host with the network address 10.1.1.48 sends a message. The source port of the message is 6084, and the destination port thereof is 80. When the message passes a router, the router translates the source address and the source port of the message to 202.196.3.23:32814 through the NAT technology, and then the message is forwarded without changing the destination address and the destination port. When the server in the external network returns a result, the router may translate the destination IP address and port of the result message to 10.1.1.48:6084, thereby realizing communication between the host inside the local area network and the server outside the local area network.
During the routing, the router may produce a NAT forwarding entry. The forwarding entry includes an address and a port number before the NAT translation and an address and a port number after the NAT translation. The forwarding entry is produced during the NAT translation. The forwarding entry in the example may be as follows:
before the translation: 10.1.1.48:6084 <--> after the translation: 202.196.3.23:32814.
That is, a source address 10.1.1.48 of the message is changed into 202.196.3.23, and a port number 6084 is changed into 32814. When the router receives a message with a destination address 202.196.3.23 and a port number 32814 from the outside, a destination address of the message is changed into 10.1.1.48, and the port number thereof is changed into 6084.
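The forwarding entry described above, as an added example that is not part of the original text: a small Python model of the router's translation table, run with the addresses and ports from FIG. 1. The class name NatRouter, the sequential port allocation starting at 32814, and the dropping of inbound messages that match no entry are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


@dataclass
class NatRouter:  # hypothetical name, not from the original text
    public_ip: str
    next_port: int = 32814  # assumed first pool port, chosen to match FIG. 1
    out_map: Dict[Endpoint, Endpoint] = field(default_factory=dict)
    in_map: Dict[Endpoint, Endpoint] = field(default_factory=dict)

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Rewrite source address:port; create the forwarding entry on first use."""
        if src not in self.out_map:
            if self.next_port > 65535:
                raise RuntimeError("public port pool exhausted")
            public = (self.public_ip, self.next_port)
            self.next_port += 1
            self.out_map[src] = public   # before translation -> after
            self.in_map[public] = src    # after translation -> before
        return self.out_map[src], dst    # destination is left unchanged

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite destination back to the internal host; None means no entry (drop)."""
        private = self.in_map.get(dst)
        if private is None:
            return None
        return src, private


if __name__ == "__main__":
    router = NatRouter("202.196.3.23")
    host, server = ("10.1.1.48", 6084), ("202.18.245.251", 80)
    print(router.outbound(host, server))
    print(router.inbound(server, ("202.196.3.23", 32814)))
    print(router.inbound(server, ("202.196.3.23", 40000)))  # no entry
```

Each new internal address:port pair consumes one entry and one public port, so the table size bounds how many concurrent flows the router can carry.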
When a lot of NAT services need to be processed within a short time, the capacity for processing NAT services may be decreased and network resources may be wasted.