在我学习LVS-NAT的时候突然意识到Reverse Proxy服务在Loadbalancing中的行为似乎是相同的。于是尝试理解这俩东西的相同点和不同点
Network Address Translation (NAT) | Proxy Server | |
---|---|---|
Purpose | NAT is primarily used to enable multiple devices within a local network to share a single public IP address for communication with external networks, such as the internet. It allows private IP addresses used within the local network to be translated into a single public IP address when communicating externally. | A proxy server acts as an intermediary between client devices (such as computers or smartphones) and external servers (e.g., web servers). It serves requests on behalf of clients and forwards the responses back to them. |
Layer | NAT operates at the network layer (Layer 3) of the OSI model. It deals with IP addresses and port numbers in packet headers. | Proxy servers operate at the application layer (Layer 7) of the OSI model. They are application-aware and can inspect and manipulate data at the application level. |
Functionality | NAT modifies the source or destination IP address and/or port number of packets as they pass through a NAT device. It helps conserve IPv4 addresses, enhances network security by hiding internal IP addresses, and allows multiple devices to share a limited number of public IP addresses. | Proxies can intercept, filter, cache, and modify requests and responses based on various criteria, including content type, URL, and user permissions. They are often used for content filtering, load balancing, security, and anonymity. |
Typical Use Cases | Home routers often use NAT to allow multiple devices in a home network to share a single internet connection. NAT is also used in corporate networks to provide internal users with internet access through a limited number of public IP addresses. | Web proxies are commonly used to cache web content, filter out malicious websites, and improve network performance. Reverse proxies are used to distribute client requests across multiple backend servers, improve security, and provide SSL termination. |
In summary:
NAT作为更低层的方法,在使用层面上更加直接,不用在software层面上进行更多的配置。
https://blog.51cto.com/u_13719714/2172665
这篇博客介绍了LVS-NAT的原理。
转载: https://support.huawei.com/enterprise/en/knowledge/KB1000081311/#:~:text=What%20Are%20Differences%20Between%20NAT%20and%20Proxy%3F&text=Both%20NAT%20and%20proxy%20provide,proxy%20at%20the%20application%20layer.
Both NAT and proxy provide Internet access through private IP
addresses.These two technologies differ in their positions in the TCP/IP
protocol stack. NAT works at the network layer while proxy at the
application layer. NAT is transparent to various applications, whereas
proxy must resort to the IP address of the proxy server specified in
application programs. For example, to access a web page by using NAT,
no configuration is required in the browser. To access a web page by
using a proxy, you must specify the IP address of the proxy in the
browser. If the proxy supports only HTTP, only web servers can be
accessed through the proxy, but not FTP. In terms of Internet access,
NAT delivers higher scalability than proxy, because NAT is not
targeted at applications.However, NAT cannot provide user name- and password-based
authentication. The proxy supports authentication. In this way, only
the users that are authenticated on the basis of their user names and
passwords are allowed to access the Internet.