The Net Address Translation (NAT) technology provides a method of accessing Internet with hosts in a Local Area Network (LAN), and the method solves the problem of insufficient IP addresses. Furthermore, the internal hosts in the LAN are invisible to Internet, i.e., hosts in Internet can't proactively access internal hosts in the LAN. For example, there is a host with an IP address 10.110.0.0/24 in an internal LAN and the LAN is connected to Internet via a private line and has a valid public IP address 202.38.160.1 applied through Internet Service Provider (ISP), at this time, all hosts in the LAN can share the IP address 202.38.160.1 to access Internet through NAT technology. However, hosts on Internet are unable to proactively access any internal host in the LAN.
With the development of network technologies, many organizations begin to use private addresses to establish internal LANs. Furthermore, However, some internal hosts in such a LAN are required to store resources and can be accessed by users on Internet, for example, the LAN provides WEB server, in this case, users on Internet can access the hosts providing WEB server in the LAN. Currently, in order to enable users on Internet can access the hosts in the LAN, a typical technology is to configure a “static mapping”. For example, a WEB server with an internal address 10.110.0.1 is to be deployed in the LAN, a “static mapping” has to be configured to bind the valid IP address 202.38.160.1 provided through ISP to the IP address 10.110.0.1. Thus, if a host on Internet tries to access the WEB server, it can access the host with internal IP address 10.110.0.1 through accessing the IP address 202.38.160.1. Said method satisfies the requirement for providing an internal server in the LAN, and at the same time, other hosts in the LAN can't access Internet with the valid IP address, which results in waste of the valid public IP address, furthermore, and the LAN can not provide other exterior services (such as Domain Name Server (DNS) or File Transfer Protocol (FTP) server).
Seen from said traditional technology, the method for providing internal server with the static binding address has the following disadvantages:
First, though the method of static binding IP address enables hosts on Internet to access the internal server in the LAN, IP addresses can't be fully used, which results in a waste of limited IP addresses resource.
Second, said scheme has a potential safety hazard: usually the server providing exterior services is for single-use, for example, a WEB server is just used to deliver Hypertext Transfer Protocol (HTTP) service to the external world and the host is only needed to provide the access to port 80. However, if a WEB server is provided in the static binding method, users in external networks can access not only port 80, but also any other port. For example, some server can be maintained through Telnet, such a maintenance can be done only in internal network equipments, however, if static binding address translation method is used, hosts on external networks or Internet can also access the server through Telnet, which brings potential safety hazard for the internal server.
Third, according to traditional technology, internal services can not be provided through non-standard ports of the internal server, for example, if 2 WEB servers should be provided in the LAN and one of them has to use port 8080 instead of port 80, which can not be realized according to traditional technology.