Introduction

The Internet has grown immensely over the last few years. Today one estimates that several thousand new hosts get newly connected every day. This vast growth rate has caused considerable problems, due to the fact that the Internet's infrastructure and its protocols were designed decades ago, when only a few still countable number of hosts used it and it was unforeseeable that there would ever be such an immense need for connectivity. As a result, the Internet's transport protocol IPv4 does not provide enough unique addresses for all the new hosts on the internet. The number of distinct IPs is still large enough, but because of routing issues they can only be given away in relatively big chunks.

One consequence was that people started developing a new Internet protocol, known today as IPv6 or 'IP next generation', that should overcome limitations imposed by IPv4. Among other improvements they considerably increased the address space so that it will hopefully last for the next few decades. However, since developing a new protocol which in addition is of such major importance as the IP protocol takes some years and the migration can also not be done in a day it was clear that we would still have to live with IPv4 for a couple of years. That meant to find solutions to the problem of scarce address space, since this was the most pressing one. One such solution is to use private internal addresses on ones own network and make connections to the internet through proxies, so that no direct IP-connectivity is needed. This is of course only possible if there are proxies for the application/protocol that is being used, but only a single IP address is needed for an entire network.

A more general solution is to convert those private, internal addresses to official addresses when crossing the border to the internet. Since the number of hosts that communicate over the internet at a given time is considerably lower than the total number of hosts, that will save address space, because only those hosts currently communicating will dynamically get an official address assigned by a NAT-router. This is (mostly) application independent since it happens on the IP protocol layer, where no application specific information is stored. Ideally, the translation will be entirely invisible to the applications.

There are many products available today that do NAT. The reason that I choose that topic is because I wanted to try to find a more general approach. Most of the products I have seen, including the system that I selected for an example implementation of my ideas, Linux, only implement m:1 IP-translation (m>1), some also support m:n translation with m=n (static NAT) or m!=n (dynamic NAT) and m,n>1. I will try to enhance this by introducing such things like a virtual IP address space for the kernel and even find new applications for NAT-techniques.

In addition, working on and with IP address translation one quickly finds that this technique can do much more than helping to solve the address space problem. I will discuss address translation in detail in the following sections. A part of this work is the example implementation of the techniques discussed using a more and more widely used system, Linux (kernel version 2), as a base.