thomas"stopspammers" said:
> How does Win2k Internet connection sharing work? Can I access
> computers _inside_ the LAN from the internet?

Generally, no... except there is always a "...but...".

> I found out that different comps in the LAN expose the same address to the
> internet. What is that? A normal gateway should give _every_ host an
> internetwide IP address.

No it wouldn't. It doesn't give Clients anything for that matter. ICS is a
light-weight NAT Service (Network Address Translation). All clients appear
to the Internet as the IP# of the Gateway itself. It is always the same
number, and it is always the number of the public side of the Gateway. All
client machines have/get/receive an address from one of the three RFC
Private Address ranges (typically 192.168.?.?) and these addresses are not
compatible with the Internet.

> It can't be a http proxy because other protocols work too and it can't be a
> catch-all-proxy, can it?

No. It is not a "proxy" at all. A "NAT" system, and a "proxying" system are
two completely different *competing* technologies. On the surface they
appear to produce the same end result, but the methods used are different.

> So, is it possible to make services inside the
> LAN available to the world (maybe, if there's no other way, port
> forwarding)?

I don't know if the ICS of Windows2k can even do it or not, but here is an
explanation of the terminology & technology. I never used ICS and have only
used the more robust variation of RRAS/NAT in Server2000 & 2003.

The exact terminology would vary from manufacturer to manufacturer. They tend
to re-write the dictionary to suit themselves and terminology isn't as
"standardized" as it should be. But anyway the method to make a private
machine within the system available to the outside world would be "Static
NAT" or "Port Forwarding" or even a combination of the two. Static NAT
focuses on the Layer3 addresses (IP#s) while Port Forwarding focuses on the
Layer4 addresses (ports). In most "real life" situations it is a
combination of the two but is often still referred to only as "Static NAT"
(..that terminology issue again..).

There is another variation of Static called "One-to-One NAT" where everything
coming to One public address is passed to One private address without
considering the ports at all.

The normal Standard NAT that is commonly used today is really "NAT
Overload", but nobody calls it that anymore. The old original standard NAT
required the same number of public IP#s as there were clients on the private
side. The clients were matched one-to-one between their private address and a
single public address. Essentially it was identical to the Static One-to-One
NAT except that it was dynamic instead of static.

Then someone had the idea of using the random client Source Port # as a
"session identifier" to maintain the relationship of the user to their
public IP#. This was "NAT Overload". This method allowed multiple users on
a private system to all be able to be NAT'ed at the same time with only a
single public IP#. This is the most common method out there now and is
pretty much just referred to as simply "NAT" by most people.
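
The NAT Overload and port-forwarding behaviour described in the post above, as an added Python sketch that is not part of the original post. It models a gateway's translation table to show why unsolicited inbound traffic reaches no LAN host until a static forward exists. The class name, addresses and ports are constructed for illustration, and the model is simplified (real NAT also tracks the remote endpoint and session timeouts).

```python
# Added illustration: toy NAT Overload table plus one static port forward.
# NatGateway and every address/port below are constructed for this example.
from dataclasses import dataclass, field


@dataclass
class NatGateway:
    public_ip: str
    out_map: dict = field(default_factory=dict)   # (proto, priv_ip, priv_port) -> public port
    in_map: dict = field(default_factory=dict)    # (proto, public port) -> (priv_ip, priv_port)
    forwards: dict = field(default_factory=dict)  # static (proto, public port) -> (priv_ip, priv_port)

    def outbound(self, proto, src_ip, src_port):
        """Client -> Internet: rewrite the source to the gateway's public IP."""
        key = (proto, src_ip, src_port)
        if key not in self.out_map:
            port = src_port  # keep the client's source port when it is free
            while (proto, port) in self.in_map or (proto, port) in self.forwards:
                port += 1    # collision: pick another public port (no wrap handling)
            self.out_map[key] = port
            self.in_map[(proto, port)] = (src_ip, src_port)
        return self.public_ip, self.out_map[key]

    def inbound(self, proto, dst_port):
        """Internet -> gateway: private destination, or None when dropped."""
        # Static forwards are checked first, then dynamic session state.
        return self.forwards.get((proto, dst_port)) or self.in_map.get((proto, dst_port))

    def add_forward(self, proto, public_port, priv_ip, priv_port):
        """Static NAT / port forwarding entry configured by the administrator."""
        self.forwards[(proto, public_port)] = (priv_ip, priv_port)


def demo():
    gw = NatGateway("203.0.113.10")                 # documentation-range public IP
    a = gw.outbound("tcp", "192.168.0.2", 51000)
    b = gw.outbound("tcp", "192.168.0.3", 51000)    # same source port, different host
    reply_a = gw.inbound("tcp", a[1])               # reply matches session state
    unsolicited = gw.inbound("tcp", 80)             # no state, no forward: dropped
    gw.add_forward("tcp", 80, "192.168.0.5", 8080)
    forwarded = gw.inbound("tcp", 80)               # now reaches the internal server
    return a, b, reply_a, unsolicited, forwarded


if __name__ == "__main__":
    print(demo())
```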