[Question] I know what NAT is, but what is PAT?
Q. What is PAT, or NAT overloading?
A. PAT, or NAT overloading, is a feature of Cisco IOS NAT and can be used to translate internal (inside local) private addresses to one or more outside (inside global—usually registered) IP addresses. Unique source port numbers on each translation are used to distinguish between the conversations.
With NAT overload, a translation table entry containing full address and source port information is created.
Q. When configuring for PAT (NAT overloading), what is the maximum number of translations that can be made for each inside global IP address?
A. PAT (NAT overloading) divides the available ports per global IP address into three ranges of 0-511, 512-1023, and 1024-65535. PAT (NAT overloading) assigns a unique source port for each User Datagram Protocol (UDP) or Transmission Control Protocol (TCP) session. It will attempt to assign the same port value of the original request. However, if the original source port has already been used, it will start scanning from the beginning of the particular port range to find the first available port and assign it to the conversation.
Q. How does PAT work?
A1. PAT with one IP address:
1. NAT/PAT inspects traffic and matches to a translation rule.
2. The rule matches to a PAT configuration.
3. Does PAT know about the traffic type and does that traffic type have a specific set of ports, or ports it negotiates that it will use? If so, set them aside and do not allocate them as unique identifiers.
4. Sessions with no special port requirements attempt to connect out. PAT translates the IP source address and checks the availability of the originated source port (for example, 433).
Groups are 1-511, 512-1023, and 1024-65535.
Note: For TCP and UDP, groups are 1-511, 512-1023, 1024-65535. For ICMP the first group starts at 0.
5. If the requested source port is available, it assigns the source port and the session continues.
6. If the requested source port is not available, NAT starts searching from the beginning of the relevant group. In this example starting at 1 for TCP or UDP applications and 0 for ICMP.
7. If a port is available, it is assigned and the session continues.
8. If no ports are available, the packet is dropped.
A2. PAT with multiple IP addresses:
Use the same logic as with a single IP address (Steps 1 - 8 above) and:
9. If no ports are available in the relevant group on the first IP address, NAT flips to the next IP address in the pool and tries to allocate the original source port requested.
10. If the requested source port is available, it assigns the source port and the session continues.
11. If the requested source port is not available, NAT starts searching from the beginning of the relevant group. In this example starting at 1 for TCP or UDP applications and 0 for ICMP.
12. If a port is available, it is assigned and the session continues.
13. If no ports are available, the packet is dropped unless another IP address is available in the pool and until all IP addresses have been checked.
Q. What is the maximum number of configurable NAT IP pools (using the ip nat pool <name> command)?
A. There is no actual limit. In practical use, however, the maximum number of configurable IP pools is limited by the amount of available DRAM in the particular router being used.
Source: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_q_and_a_item09186a00800e523b.shtml#Q12
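The port-allocation steps quoted above (try the original source port, otherwise scan the relevant group from its start, flip to the next pool address when a group is exhausted, drop when every address is exhausted) can be followed more easily as a small simulation. The Python below is an added example, not code from the Cisco document or from the original post. The pool addresses and inside hosts are constructed values, and the translation table is simplified to a key of protocol, inside local address and source port; for ICMP the identifier is treated as the "port", which is why its first group starts at 0.

```python
"""Simulation of the PAT (NAT overload) allocation steps quoted above.
Constructed model for illustration, not Cisco IOS code."""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple


def port_groups(proto: str) -> List[Tuple[int, int]]:
    """Groups from the text: TCP/UDP 1-511, 512-1023, 1024-65535; ICMP's first group starts at 0."""
    first = 0 if proto == "icmp" else 1
    return [(first, 511), (512, 1023), (1024, 65535)]


def group_for(proto: str, port: int) -> Tuple[int, int]:
    """Return the (low, high) group that the requested source port falls in."""
    for lo, hi in port_groups(proto):
        if lo <= port <= hi:
            return lo, hi
    raise ValueError(f"port {port} is outside every {proto} group")


@dataclass
class PatTable:
    pool: List[str]  # inside global addresses, tried in order (step 9)
    # (proto, inside_local, inside_port) -> (inside_global, global_port); simplified key (assumption)
    entries: Dict[Tuple[str, str, int], Tuple[str, int]] = field(default_factory=dict)
    # (proto, inside_global) -> ports already handed out on that address
    used: Dict[Tuple[str, str], Set[int]] = field(default_factory=dict)

    def translate(self, proto: str, inside_local: str, src_port: int) -> Optional[Tuple[str, int]]:
        """Steps 4-13: return (inside_global, global_port), or None when the packet is dropped."""
        key = (proto, inside_local, src_port)
        if key in self.entries:  # existing conversation: reuse its table entry
            return self.entries[key]
        lo, hi = group_for(proto, src_port)
        for gip in self.pool:  # steps 9-13: walk the pool in order
            used = self.used.setdefault((proto, gip), set())
            if src_port not in used:  # step 5 / 10: the original port is free, keep it
                chosen: Optional[int] = src_port
            else:  # step 6 / 11: scan the relevant group from its beginning
                chosen = next((p for p in range(lo, hi + 1) if p not in used), None)
            if chosen is not None:  # step 7 / 12: allocate and continue the session
                used.add(chosen)
                self.entries[key] = (gip, chosen)
                return gip, chosen
        return None  # step 8 / 13: group exhausted on every address -> drop


def demo() -> List[Optional[Tuple[str, int]]]:
    """Walk a few constructed sessions through a two-address pool (TEST-NET-3 addresses)."""
    pat = PatTable(pool=["203.0.113.10", "203.0.113.11"])
    return [
        pat.translate("tcp", "10.0.0.1", 433),   # port 433 free: kept
        pat.translate("tcp", "10.0.0.2", 433),   # collision: first free port of group 1-511 is 1
        pat.translate("tcp", "10.0.0.3", 433),   # next collision: 2
        pat.translate("tcp", "10.0.0.1", 433),   # same session again: existing entry returned
        pat.translate("icmp", "10.0.0.4", 5),    # ICMP identifiers are tracked separately from TCP
        pat.translate("icmp", "10.0.0.5", 5),    # collision: ICMP group scan starts at 0
    ]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The second part of the simulation worth trying is exhaustion: with ICMP, 512 distinct inside hosts all using identifier 8 fill group 0-511 on the first address, the 513th host is moved to the second address and keeps identifier 8, and once that address is also full the next request is dropped (returns None).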