The Smart Gateway: Port-to-Local-Host Address Mapping

By Doctor Electron

This paper presents a well-known method to multiply effective IPv4 address space by a factor of over 64,000 for large blocks of address space by programming gateways of organization networks to map gateway port number to internal network IP address. However, the author is not aware of any case where IP address space has been de-allocated because this method was employed.

Gateway Computer Interfaces

Many organizations operate a network of computers to provide computer services and communications within the organization (internal) and to the public internet (external).

For an individual computer in the network to connect with internet services, such as web sites, it must be assigned a unique internet protocol (IP) address (e.g., a.b.c.d) so that external computers can "reply" with packet traffic to that particular internal computer.

How does this happen? The gateway computer has two or more network interfaces. A network interface is just a computer program that takes care of sending and receiving information between another program and programs like web servers running on other computers.

  1. If these other computers are external -- out there on the "public internet," we’ll call this the internet interface.
  2. An individual user inside the organizational network also can send and receive information packets to this gateway computer. Let’s call this the network interface. There may be many network interfaces, depending on how large the organization is and how its computer systems are arranged or grouped. (If the organization gets too complicated, it tends to cause some people to lose sleep.)

Doc Looks at Goofynews.com Headlines

Now let us put the pieces together. A user – call him "Doctor Electron" or just "Doc" – looks at the news on an internet web site – call it "goofynews.com." Doc’s computer packets get routed in the internal network to the network interface of a gateway computer – call it "Electronix." The Electronix gateway sends packets out its internet interface. With the help of internet routers and of prayer by router managers, Doc’s packets arrive at goofynews.com.

And now, the "rest of the story" [Paul Harvey]. Doc’s packets say, "Show me the headlines." So goofynews.com sends the headlines to Doc’s computer, like "Doctor Electron Solves Internet Address Space Problem." The packets with the headlines do not contain, "Send to Doctor Electron at Electronix." They contain the IP address of Doc’s computer. It’s a number or set of bytes in the form a.b.c.d. This is the "return" address. It’s like a telephone number. To talk to Doc, you dial the phone number of Doctor Electron. To send a packet to Doc’s computer, you use his IP address.

Phone numbers are in a phone book. Where does Doc get his IP address? In this example, the Electronix gateway assigns Doc an address. This could be a permanent address, if internet authorities (like ARIN, RIPE and APNIC) have assigned to Electronix more addresses (address space) than the number of computers in its network(s).

The Problem

What if Electronix does not have enough addresses for all of its computers or employees or girlfriends, etc? Then we have -- tah Dah -- a problem.

But wait. If Electronix has about 250 assignable addresses for "on-line internet" sessions like Doc’s review of Goofynews, then only 250 people can be on-line with the internet through this gateway. The others, if any, in Electronix will just have to wait. Of course, as Electronix grows bigger (more girlfriends, no doubt), its bosses will go to the internet authorities and ask for more addresses (to keep the girlfriends happy, no doubt).

Now, dear reader, if you are ready, the problem is that the IPv4 address space is limited. It is about 64,000 times 64,000 addresses (a big number). But as every Tom, Dick and Harry (and Marcos, Jacque and Yu, also) in the world gets a computer to surf the internet, this big number of addresses doesn’t look so big anymore.

Solution One: IPv6

There is some interest in a new system of internet addresses (like adding area codes to phone numbers) so there would be more of them – an even bigger number. Going from IPv4 to IPv6 adds 96 more bits to the address. This multiplies the number of possible addresses by enough for every grain of sand on the beach to have its own internet interface. This may sound good to engineers but not to investors since grains of sand do not have incomes to pay for internet service.

Solution Two: Port-to-Local-Host Address Mapping

What if all the packets from Electronix had only one source IP address, that of the gateway computer? And we mean all the packets perhaps arising from all the computers in the Electronix network(s). Certainly all the replies from internet computers, like Goofynews.com, could find their way back to Electronix.

But how would Electronix know where in its network each packet should go?

Answer: The port number Electronix used to send Doc’s packets out to the internet. This is too easy. When Electronix connected with Goofynews on Doc’s behalf, it had to use a port in its internet interface (see above, if you already forgot what that is). That same port will receive replies from Goofynews for Doc.

All Electronix has to do is remember that Doc’s stuff is on a particular port. If it does so, then Doc’s stuff from the internet can be sent from Electronix over its network to Doc’s computer. What Electronix remembers about Doc’s stuff is called Port-to-Local-Host Address mapping. It remembers that a port number goes with Doc’s address on its own internal network.

Do you think that this sounds pretty good? Well, about 64,000 ports may be available for Electronix to use in its internet interface. So our port-to-address mapping is not pretty good; it is tremendous.
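To make the mapping concrete, here is an added example (not code from the original paper; "Electronix" and "Doc" are the author's fictional names, and every IP address, port number and port-pool size below is constructed for illustration). It models the gateway's port-to-local-host table: an outbound packet from an internal host gets the gateway's single public address and a freshly allocated gateway port, a reply arriving on that port is forwarded to the remembered internal host, a packet arriving on a port nobody is using is dropped, and the pool of about 64,000 ports is shown running out by using a deliberately tiny pool.

```python
"""Toy port-to-local-host (port address translation) gateway.

Hypothetical example modelled on the Electronix gateway in the text.
Packets are small objects, the "network" is a few constructed tuples,
and addresses come from the documentation ranges (203.0.113.0/24,
198.51.100.0/24) plus a private 10.0.0.0/8 network. Not production code.
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

Addr = Tuple[str, int]  # (ip address, port)


@dataclass
class Packet:
    src: Addr
    dst: Addr
    payload: str


class PortMappingGateway:
    """Remembers which gateway port belongs to which internal (ip, port)."""

    def __init__(self, public_ip: str, first_port: int = 1024, last_port: int = 65535):
        self.public_ip = public_ip
        self.first_port = first_port
        self.last_port = last_port
        self.next_port = first_port
        self.port_to_host: Dict[int, Addr] = {}   # gateway port -> internal host
        self.host_to_port: Dict[Addr, int] = {}   # internal host -> gateway port
        self.dropped = 0                          # inbound packets with no mapping

    def _allocate_port(self) -> int:
        # About 64,000 ports exist in reality; when they are all in use,
        # the gateway cannot open another session for anyone.
        if self.next_port > self.last_port:
            raise RuntimeError("gateway port pool exhausted")
        port = self.next_port
        self.next_port += 1
        return port

    def outbound(self, pkt: Packet) -> Packet:
        """Internal host -> internet: source becomes (public_ip, mapped port)."""
        port = self.host_to_port.get(pkt.src)
        if port is None:
            port = self._allocate_port()
            self.host_to_port[pkt.src] = port
            self.port_to_host[port] = pkt.src
        return Packet(src=(self.public_ip, port), dst=pkt.dst, payload=pkt.payload)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Internet -> internal host: look up the destination port; drop if unknown."""
        ip, port = pkt.dst
        host = self.port_to_host.get(port)
        if ip != self.public_ip or host is None:
            self.dropped += 1
            return None
        return Packet(src=pkt.src, dst=host, payload=pkt.payload)


def demo():
    """Doc reads goofynews.com through Electronix; a stray packet is dropped."""
    # Constructed values: a two-port pool so exhaustion is easy to reach.
    electronix = PortMappingGateway("203.0.113.1", first_port=40000, last_port=40001)
    doc = ("10.0.0.7", 51000)
    goofynews = ("198.51.100.20", 80)

    out = electronix.outbound(Packet(doc, goofynews, "Show me the headlines"))
    reply = electronix.inbound(Packet(goofynews, out.src,
                                      "Doctor Electron Solves Internet Address Space Problem"))
    stray = electronix.inbound(Packet(("198.51.100.99", 4444),
                                      (electronix.public_ip, 40777), "unsolicited"))
    return out, reply, stray, electronix


if __name__ == "__main__":
    out, reply, stray, gw = demo()
    print("outbound source seen by goofynews:", out.src)
    print("reply delivered to:", reply.dst if reply else None)
    print("stray packet delivered:", stray, "| dropped so far:", gw.dropped)
```

The `inbound` check is the part a defender cares about: a packet that arrives on a gateway port with no entry in the table has nowhere to go and is discarded, which is why a host behind this kind of gateway is not directly reachable from the internet unless a mapping already exists for it. The text keys the table on the gateway port alone, and the example does the same; real gateways usually also record the remote address and port of the session so that two different remote hosts cannot share one entry.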

In fact, simply changing the programs used by gateways for large networks can theoretically add a similar amount of address space as the IPv6 solution above – namely a factor of about 64,000. The two solutions are not, of course, mutually exclusive.

Indeed, many recipients of address space allocations up to 64,000 computers can actually have their assigned allocations revoked and replaced with a single a.b.c.d address. All of the possibly thousands of computers in their networks would share a single IP address. Instead of a shrinking IPv4 address space, we would actually see the reverse for a rather long period of time – an increase in unallocated address space as each block of addresses is "returned" to the unassigned pool.

An interesting side effect of this process may be that it would be more difficult for "outsiders" to track the internet activity of persons within the organization since port-to-address mapping would make everyone look the same insofar as one IP address would be used for many, perhaps hundreds or thousands of users.

Last Modified: July 21, 2002

Copyright © 2002 Global Services
