One or more fire alarm panels may be connected via a network with a central server. However, communication in the network is made more difficult if one of the fire alarm panels is behind a firewall or other network address translation (NAT) device.
A NAT device modifies IP address information in IP packet headers while in transit across a traffic routing device. The NAT device can hide an entire IP address space, usually comprising private IP addresses of the fire alarm panels, behind a single IP address (or in some cases a small group of IP addresses) in another (usually public) address space. Thus, the NAT device may have a single public IP address, behind which are one or more private IP addresses of the fire alarm panel(s).
There are different types of NATs. One type of NAT is a one-to-one NAT, which provides a one-to-one translation of IP addresses. In this type of NAT, the IP addresses, IP header checksum and any higher level checksums that include the IP address are changed, while the rest of the packet may be unchanged. Further, this type of NAT may be used to interconnect two IP networks with incompatible addressing.
Another type of NAT is a one-to-many NAT, which provides a one-to-many translation of IP addresses. There are also instances to hide an entire IP address space, usually comprising private IP addresses, behind a single IP address (or in some cases a small group of IP addresses) in another (usually public) address space. To avoid ambiguity in the handling of returned packets, the one-to-many NAT alters higher level information such as TCP/UDP ports in outgoing communications and must maintain a translation table so that return packets can be correctly translated back.
Using NATs enables communication through the router only when the conversation originates in the masqueraded network, since this establishes the translation tables. For example, a panel “behind” the NAT needs to initiate communication to an external device. This is because the panel behind the NAT has a private IP address, which is not known to the external device.
NATs are used to alleviate the consequences of IPv4 address exhaustion. Further, some systems using NATs do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address.
Network address translation has serious drawbacks on the quality of Internet connectivity and requires careful attention to the details of its implementation. In particular, NATs break the originally envisioned model of IP end-to-end connectivity across the Internet, making it difficult for systems behind a NAT to accept incoming communications. This is particularly the case where panels behind the NATs need to be configured.