Network Programming and Python
There are several benefits of using NAT. The internal network devices are shielded
from malicious traffic directed toward the network from the Internet, devices which
use NAT devices are provided with a layer of privacy since their private addresses
are hidden, and the number of network devices that need to be assigned precious
public IP addresses is reduced. It's actually the heavy use of NAT that allows the
Internet to continue functioning despite having run out of IPv4 addresses.
NAT can cause some problems for network's applications, if it is not taken into
consideration at design time.
If the transmitted application data includes information about a device's network
configuration and that device is behind a NAT router, then problems can occur
if the receiving device acts on the assumption that the application data matches
the IP and the TCP/UDP header data. NAT routers will rewrite the IP and
TCP/UDP header data, but not the application data. This is a well known
problem in the FTP protocol.
Another problem that FTP has with NAT is that in FTP active mode, a part of the
protocol operation involves the client opening a port for listening on, and the server
creating a new TCP connection to that port (as opposed to just a regular reply). This
fails when the client is behind a NAT router because the router doesn't know what to
do with the server's connection attempt. So, be careful about assuming that servers
can create new connections to clients, since they may be blocked by a NAT router, or
firewall. In general, it's best to program under the assumption that it's not possible
for a server to establish a new connection to a client.
IPv6
We mentioned that the earlier discussion is based on IPv4, but that there is a new
version called IPv6. IPv6 is ultimately designed to replace IPv4, but this process is
unlikely to be completed for a while yet.
Since most Python standard library modules have now been updated to support
IPv6 and to accept IPv6 addresses, moving to IPv6 in Python shouldn't have much
impact on our applications. However, there are a few small glitches to watch out for.
The main difference that you'll notice in IPv6 is that the address format has been
changed. One of the main design goals of the new protocol was to alleviate the
global shortage of IPv4 addresses and to prevent it from happening again the IETF
quadrupled the length of an address, to 128 bits, creating a large enough address
space to give each human on the planet a billion times as many addresses as there
are in the entire IPv4 address space.