⚠ Switch to EXCALIDRAW VIEW in the MORE OPTIONS menu of this document. ⚠ You can decompress Drawing data with the command palette: ‘Decompress current Excalidraw file’. For more info check in plugin settings under ‘Saving’

Excalidraw Data

Text Elements

device A

subnet 1: 192.0.2.0/244

router2

device B

subnet 2: 172.16.100.1

private ip: 192.168.1.1 public ip: 203.0.113.1

private ip: 10.0.0.2 public ip: 198.51.100.1

ip: 10.0.1.10

ip: 192.168.1.10

router1

src IP: device A’s private IP src port: 随机高位 dst IP: router2’s public IP dst port: 443

src IP: 192.168.1.10 src port: 54321 dst IP: 198.51.100.1 dst port: 443

ip packet 1

src IP: router 1’s public IP src port: 随机高位 dst IP: router2’s public IP dst port: 443

src IP: 203.0.113.1 (changed) src port: 32000 (changed) dst IP: 198.51.100.1 dst port: 443

ip packet 2

dest Ip obtained via DNS src port created by socket dst port 443 assuming https

NAT table at router 1

{deviceA private ip:port} → {router1 public ip:port} {192.168.1.10:54321} → {203.0.113.1:32000}

ip packet routing with NAT

src IP: router 1’s public IP | router 2’s private IP src port: router 1’s port | router 2’s port dst IP: device B’s private IP dst port: 443

src IP: 203.0.113.1 or 10.0.0.2 src port: 32000 or 51234 dst IP: 10.0.1.10 dst port: 443

ip packet 3

NAT table at router 2

{router1’s public ip:port} → {deviceB’s private ip:port} {203.0.113.1:32000} → {10.0.1.10:443}

baggiiiie

Explorer

routing.excalidraw

Excalidraw Data

Text Elements

src IP: device A’s private IP src port: 随机高位 dst IP: router2’s public IP dst port: 443

src IP: router 1’s public IP src port: 随机高位 dst IP: router2’s public IP dst port: 443

src IP: router 1’s public IP | router 2’s private IP src port: router 1’s port | router 2’s port dst IP: device B’s private IP dst port: 443

Graph View

Table of Contents

Backlinks