In daily work, we often meet address translation NAT, proxy, what is the difference between them?
1. The protocol layer they work in is different, NAT need to unpack and restructure the IP frame, so it works in the third layer of ISO seven layer model, network layer: Proxy needs to know the protocol of the specific application layer, it usually works in the application layer, so also known as application gateways.
2. Speed is different, NAT works in lower layer, the speed is faster than the proxy which works at the top layer. If the Proxy did cache buffer, it would not be necessarily.
3. Support different protocols, generally NAT supports many upper application layer protocol, the not be supported agreement is very little. And Proxy usually supports less protocols, such as squid supports HTTP and based on the browser's FTP. So sometimes have more than one Proxy collaboration, HTTP Proxy + FTP Proxy + SMTP agent + POP agent and so on. Of course also some Proxy server integrated the agency protocols, such as M $Proxy, in addition the delegate supported protocols are more than squid. But generally speaking Proxy supported protocol is less and the flexibility are relatively poor.
4. Management control function is different. NAT control functions is relatively less; By contrast Proxy this aspect function is more powerful. User authentication, fine access control, cache buffer and management, etc. But NAT can often combine with packet filtering technology to make up for the deficiency of its control function.
Two kinds of technology can drive the LAN access to Interent, save IP address resource. But each has characteristics and each has his strong point, in the actual environment we can according to their own needs and conditions to choose, in fact many cases both can well exist in the same network environment, learn from each other’s strong points, and provide us with better service.