Chapter 11: Skype Firewall and Network Setup

A Word about Network Address Translation and Firewalls

When the Internet began, the creators didn t envision the type of growth that we are experiencing today. During the last 10 years, the number of hosts on the Internet increased by more than a factor of 50. ¹ In order for each Internet device, or host, to communicate on the Internet, it must have a unique internet protocol (IP) address. The addressing scheme for the Internet allowed for billions of IP addresses, but now most of them are allocated.

The Internet s popularity results in a maximum number of available IP addresses. Homes and offices around the world are now connecting many hosts at a single location and it is not possible for every single device to have its own public IP address. To increase the number of addresses available, a new standard called IPv6 has been developed. Until IPv6 is finalized, other methods are needed to allow for the sharing of public addresses among more systems. The most effective solution is called network address translation (NAT), defined in the request for comments 1631 (RFC 1631).

NAT is a special type of router that has several different implementations. One popular method of implementation allows for the use of special, unroutable IP addresses on private or internal networks. The private addresses are translated to a public host address, which allows communication over the Internet. Three blocks of the unroutable, or private, IP addresses are defined in RFC 1597 and RFC 1918. The private...