NAT in English

I found a rather interesting explanation of NAT, only it is in English. But I found it interesting and the explanation more or less adequate. Here is what seemed most important to me:

One to many NATs
The majority of NATs map multiple private hosts to one publicly exposed IP address. In a typical configuration, a local network uses one of the designated "private" IP address subnets (RFC 1918). A router on that network has a private address in that address space. The router is also connected to the Internet with a "public" address assigned by an Internet service provider.

As traffic passes from the local network to the Internet, the source address in each packet is translated on the fly from a private address to the public address. The router tracks basic data about each active connection (particularly the destination address and port). When a reply returns to the router, it uses the connection tracking data it stored during the outbound phase to determine the private address on the internal network to which to forward the reply.

All Internet packets have a source IP address and a destination IP address. Typically packets passing from the private network to the public network will have their source address modified while packets passing from the public network back to the private network will have their destination address modified. More complex configurations are also possible.

To avoid ambiguity in how to translate returned packets, further modifications to the packets are required. The vast bulk of Internet traffic is TCP and UDP packets and for these protocols the port numbers are changed so that the combination of IP and port information on the returned packet can be unambiguously mapped to the corresponding private address and port information. Protocols not based on TCP or UDP require other translation techniques. ICMP packets typically relate to an existing connection and need to be mapped using the same IP and port mappings as that connection.

Methods of Port translation
There are several ways of implementing network address and port translation. In some application protocols that use IP address information, the application running on a node in the masqueraded network needs to determine the external address of the NAT, i.e., the address that its communication peers detect, and, furthermore, often needs to examine and categorize the type of mapping in use. Usually this is done because it is desired to set up a direct communications path (either to save the cost of taking the data via a server or to improve performance) between two clients, both of which are behind separate NATs. For this purpose, the Simple traversal of UDP over NATs (STUN) protocol was developed (RFC 3489, March 2003). It classified NAT implementations as //full cone NAT//, //(address) restricted cone NAT//, //port restricted cone NAT// or //symmetric NAT// and proposed a methodology for testing a device accordingly. However, these procedures have since been deprecated from standards status, as the methods have proven faulty and inadequate to correctly assess many devices. New methods have been standardized in RFC 5389 (October 2008) and the STUN acronym now represents the new title of the specification: //Session Traversal Utilities for NAT//.

 * **Full-cone NAT**, also known as //one-to-one NAT//
   * Once an internal address (iAddr:iPort) is mapped to an external address (eAddr:ePort), any packets from iAddr:iPort will be sent through eAddr:ePort.
   * //Any external host// can send packets to iAddr:iPort by sending packets to eAddr:ePort.
[[image:http://upload.wikimedia.org/wikipedia/commons/thumb/4/44/Full_Cone_NAT.svg/400px-Full_Cone_NAT.svg.png width="400" height="180" caption="Full Cone NAT.svg" link="http://en.wikipedia.org/wiki/File:Full_Cone_NAT.svg"]]
 * **(Address) restricted cone NAT**
   * Once an internal address (iAddr:iPort) is mapped to an external address (eAddr:ePort), any packets from iAddr:iPort will be sent through eAddr:ePort.
   * An external host (//hAddr:any//) can send packets to iAddr:iPort by sending packets to eAddr:ePort only if iAddr:iPort has previously sent a packet to hAddr://any//. "Any" means the port number doesn't matter.
[[image:http://upload.wikimedia.org/wikipedia/commons/thumb/3/3c/Restricted_Cone_NAT.svg/400px-Restricted_Cone_NAT.svg.png width="400" height="180" caption="Restricted Cone NAT.svg" link="http://en.wikipedia.org/wiki/File:Restricted_Cone_NAT.svg"]]
 * **Port-restricted cone NAT**
   * Like an address restricted cone NAT, but the restriction includes port numbers.
   * Once an internal address (iAddr:iPort) is mapped to an external address (eAddr:ePort), any packets from iAddr:iPort will be sent through eAddr:ePort.
   * An external host (//hAddr:hPort//) can send packets to iAddr:iPort by sending packets to eAddr:ePort only if iAddr:iPort has previously sent a packet to hAddr:hPort.
[[image:http://upload.wikimedia.org/wikipedia/commons/thumb/c/c2/Port_Restricted_Cone_NAT.svg/400px-Port_Restricted_Cone_NAT.svg.png width="400" height="180" caption="Port Restricted Cone NAT.svg" link="http://en.wikipedia.org/wiki/File:Port_Restricted_Cone_NAT.svg"]]
 * **Symmetric NAT**
   * Each request from the same internal IP address and port to a specific destination IP address and port is mapped to a unique external source IP address and port. If the same internal host sends a packet, even with the same source address and port, but to a different destination, a different mapping is used.
   * Only an external host that receives a packet from an internal host can send a packet back.
[[image:http://upload.wikimedia.org/wikipedia/commons/thumb/7/73/Symmetric_NAT.svg/400px-Symmetric_NAT.svg.png width="400" height="180" caption="Symmetric NAT.svg" link="http://en.wikipedia.org/wiki/File:Symmetric_NAT.svg"]]
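
The four behaviours listed above differ in two things: how the outbound mapping is keyed, and which external senders the NAT lets back in through a mapped port (the part that decides how exposed an internal host is). The following toy model is an added example, not part of the quoted explanation; the class and function names, the addresses and the starting port are constructed, and symmetric filtering is modelled as an exact hAddr:hPort match, which is an assumption.

```python
# Added example: toy model of the four NAT behaviours. All addresses are constructed.
from itertools import count

class Nat:
    def __init__(self, kind, e_addr="203.0.113.1"):
        self.kind = kind            # full | restricted | port_restricted | symmetric
        self.e_addr = e_addr
        self.ports = count(40000)   # next free ePort (starting value is arbitrary)
        self.out = {}               # mapping key -> ePort
        self.back = {}              # ePort -> (iAddr:iPort, set of contacted hAddr:hPort)

    def outbound(self, src, dst):
        """Translate src -> dst and return the external (eAddr, ePort)."""
        # Cone NATs key the mapping on iAddr:iPort only; symmetric adds the destination.
        key = (src, dst) if self.kind == "symmetric" else src
        if key not in self.out:
            self.out[key] = next(self.ports)
            self.back[self.out[key]] = (src, set())
        self.back[self.out[key]][1].add(dst)   # connection tracking
        return (self.e_addr, self.out[key])

    def inbound(self, src, e_port):
        """Return the internal endpoint to forward to, or None if the packet is dropped."""
        if e_port not in self.back:
            return None
        internal, contacted = self.back[e_port]
        if self.kind == "full":
            allowed = True
        elif self.kind == "restricted":
            allowed = src[0] in {host for host, _ in contacted}
        else:  # port_restricted; symmetric modelled the same way (assumption)
            allowed = src in contacted
        return internal if allowed else None

def probe(kind):
    """Send two outbound packets, then test which inbound senders get through."""
    nat, i, h = Nat(kind), ("192.168.1.10", 5000), ("198.51.100.7", 3478)
    _, p1 = nat.outbound(i, h)
    _, p2 = nat.outbound(i, ("198.51.100.99", 3478))
    return {
        "same_host_port": nat.inbound(h, p1) == i,
        "same_host_other_port": nat.inbound((h[0], 9999), p1) == i,
        "uncontacted_host": nat.inbound(("192.0.2.50", 1234), p1) == i,
        "mapping_reused": p1 == p2,
    }

if __name__ == "__main__":
    for kind in ("full", "restricted", "port_restricted", "symmetric"):
        print(f"{kind:16}", probe(kind))
```
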

Configuration Corner
This section of the article indicates the basic way(s) of configuring a NAT scheme on a router. Remember that the steps in this section apply to setting up a NAT server on a Cisco router. A real router might not be readily available for this experiment and practice; however, you can choose to use a router simulator such as the Cisco Packet Tracer. Assume that in this scenario we have 3 routers, a switch and three computers. We assume you know how IP routing works and how to converge a network using routing protocols. Make sure your diagram looks similar to the one shown in the image and is well converged. RIP is recommended for faster and simple configurations. The basic steps in setting up a NAT server using your router are as follows:
 * Connecting your devices together
 * Now that your devices are fully interconnected as shown in the diagram, please follow the code below. Note too that the names found on the diagram shown above are what is used throughout the description below. Any changes you make during your setup should also correspond to the naming here (the names themselves don't matter).



Success
Now that you have your router configured as such, you should have success.