Suggested Answer:D🗳️
NAT operation is typically transparent to both the internal and external hosts. Typically the internal host is aware of the true IP address and TCP or UDP port of the external host. Typically the NAT device may function as the default gateway for the internal host. However the external host is only aware of the public IP address for the NAT device and the particular port being used to communicate on behalf of a specific internal host.
NAT and TCP/UDP - "Pure NAT", operating on IP alone, may or may not correctly parse protocols that are totally concerned with IP information, such as ICMP, depending on whether the payload is interpreted by a host on the "inside" or "outside" of translation. As soon as the protocol stack is traversed, even with such basic protocols as TCP and UDP, the protocols will break unless NAT takes action beyond the network layer. IP packets have a checksum in each packet header, which provides error detection only for the header. IP datagrams may become fragmented and it is necessary for a NAT to reassemble these fragments to allow correct recalculation of higher-level checksums and correct tracking of which packets belong to which connection. The major transport layer protocols, TCP and UDP, have a checksum that covers all the data they carry, as well as the TCP/UDP header, plus a "pseudo-header" that contains the source and destination IP addresses of the packet carrying the TCP/UDP header. For an originating NAT to pass TCP or UDP successfully, it must recompute the TCP/UDP header checksum based on the translated IP addresses, not the original ones, and put that checksum into the TCP/UDP header of the first packet of the fragmented set of packets. The receiving NAT must recompute the IP checksum on every packet it passes to the destination host, and also recognize and recompute the TCP/UDP header using the retranslated addresses and pseudo-header. This is not a completely solved problem. One solution is for the receiving NAT to reassemble the entire segment and then recompute a checksum calculated across all packets. The originating host may perform Maximum transmission unit (MTU) path discovery to determine the packet size that can be transmitted without fragmentation, and then set the don't fragment (DF) bit in the appropriate packet header field. Of course, this is only a one- way solution, because the responding host can send packets of any size, which may be fragmented before reaching the NAT.
The correct answer is B. When traffic that originates outside the network must be routed to internal hosts.
One-way NAT (Network Address Translation) is used to translate the source IP address of packets that originate from a private IP address space to a public IP address when the packets go out to the internet. It is called one-way NAT because it only translates the source IP address and not the destination IP address.
In this scenario, one-way NAT is required when traffic from outside the network needs to access internal hosts. This is because the internal hosts have private IP addresses that cannot be reached from the internet. By using one-way NAT, the source IP address of the packets from the internal hosts is translated to a public IP address before it is sent to the internet. When the response packets come back from the internet, they are sent to the public IP address, which is then translated back to the private IP address of the internal host.
I have to agree, D seems more plausible, given that if there are few public IPs, you would want to use them, but change the port numbers for each device that uses the public IP addresses from the pool
I think the correct answer is B for one way NAT. D is the description of PAT.
upvoted 3 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
m2r1n0
1 year agoicdaniel
5 years agoYR
5 years, 2 months agoYR
5 years, 3 months agoeugeny
5 years, 7 months ago