dslreports logo

If you use the consumer version of a DirecWay product, the IP address of your satellite adapter is not routable on the internet. It can only be used on private networks. Hughes uses a method of translating your IP address to a routable address called Network Address Translation. This is where "NAT" comes from. In a typical NAT configuration, your computer appears to every other computer on the internet to have the IP address of the machine that is performing the NAT services. All your traffic goes through that machine. It keeps a table (a NAT table, strangely enough)of entries of everything you have requested from the Internet so that when the response comes back, it knows who requested it and where the response should be sent.

NAT is used as a way to conserve IP addresses, as Internet routable IP addresses are neither free or readily available in huge quantities. It also provides a good level of initial security, as unless your computer requested it, it is very hard for an external computer to send you anything. It can cause issues for some applications that insist on knowing the exact IP address of the computer they are talking to. This can make being a VPN client difficult, and can make it impossible to connect to your machine as an FTP or PcAnywhere server.

Now the odd thing about the Hughes NAT is that sometimes it seems to work like every other NAT in that your public, routable IP address is shared with every other user going through the same NAT device. Other times, the translated address is unique to you alone. This is the phenomenon we around here call being "un-nated". It really is a misnomer, because your address is always a result of NAT. Even the unique one you get during the "un-nated" phases is still not the address of your adapter and has been translated for use on the Net. The difference is if your NAT'd public IP address is unique to you, then any security benefit of NAT is lost, and those applications that require you to have a unique public, routable IP start magically working.

It has been the experience of DirecWay users that when they are NOT using the proxy AND they have a public IP address ending in a single digit, they are "nated" or are sharing the address with many other users. If that address when not using the proxy ends in some other multi digit octet, they are "un-nated" and have a unique IP. During these times you will see many hits on your firewall as your computer is completely exposed to the Internet, and all the port scanning traffic.


Expand got feedback?

by PetDude See Profile
last modified: 2002-05-19 16:37:03