DNS Mapping
In practice, users on a private network often need to access internal servers on the same private network using domain names, while the DNS server is located on a public network. In this case, a DNS response packet usually carries the public IP address of the internal server. If the NAT device does not replace the public IP address resolved by the DNS server with the private IP address of the internal server, users on the private network cannot access the internal server using the domain name.
DNS mapping solves this problem with a configured table that specifies the mapping between domain names, public IP addresses, public port numbers, and protocol types. The table establishes the mapping between the domain names of servers on the private network and their public network information.
Figure 5-5 describes the implementation of DNS mapping.
As shown in Figure 5-5, the host on the private network needs to access the web server using the domain name, and the Router functions as a NAT server. After receiving a DNS response packet, the Router searches the DNS mapping table for the information about the web server based on the domain name carried in the response packet. Then, the Router replaces the public IP address carried in the DNS response packet with the private IP address of the web server. In this manner, the DNS response packet received by the host carries the private IP address of the web server. Then, the host can access the web server using the domain name.
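The lookup described above can be modeled as follows. This is an added example, not vendor code. The domain name, the addresses, and the `NAT_SERVER` table are constructed. Two behaviors are assumptions: the private address is taken from a static NAT server entry, and an answer that does not match the mapped public IP is left unchanged.

```python
# Added illustration: a model of the DNS-mapping lookup, not vendor code.
import ipaddress

# DNS mapping table (constructed sample): domain -> (public IP, public port, protocol)
DNS_MAP = {"www.example.com": ("203.0.113.10", 80, "tcp")}

# Assumed NAT server (static) table: (public IP, public port, protocol) -> private IP
NAT_SERVER = {("203.0.113.10", 80, "tcp"): "192.168.1.10"}


def normalize(name):
    """DNS names are case-insensitive and may carry a trailing root dot."""
    return name.rstrip(".").lower()


def rewrite_answer(name, address):
    """Return the address the internal host should receive for one A record."""
    entry = DNS_MAP.get(normalize(name))
    if entry is None:
        return address                      # no mapping for this domain name
    public_ip, port, proto = entry
    if ipaddress.ip_address(address) != ipaddress.ip_address(public_ip):
        return address                      # answer is not the mapped public IP
    # Missing NAT server entry: leave the answer unchanged rather than guess.
    return NAT_SERVER.get((public_ip, port, proto), address)


def rewrite_response(answers):
    """Apply the rewrite to every (name, address) pair in a DNS response."""
    return [(name, rewrite_answer(name, addr)) for name, addr in answers]


if __name__ == "__main__":
    # Constructed answers: one mapped name, one unrelated name.
    sample = [("WWW.Example.com.", "203.0.113.10"),
              ("other.example.net", "198.51.100.7")]
    for name, addr in rewrite_response(sample):
        print(name, "->", addr)
```

Only the answer whose domain name and public IP address both match a table entry is rewritten; every other record passes through untouched, so a stale or incorrect mapping entry cannot redirect unrelated names.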