Figure 17-16 Router NAT: Translating Internal
Addresses to External Addresses
IP address management: A router uses Dynamic Host
Configuration Protocol (DHCP) to assign IP addresses to devices that
connect to the network. Clients send DISCOVER broadcast message to
figure out if a local DHCP server exists in the network. If a DHCP server
exists, it offers configurations such as an IP address, a MAC address, a
domain, and so on via an OFFER message. The client can then send a
formal REQUEST to the server for allocating an IP address. The server
responds with an ACK unicast message to the client, indicating that the
IP address has been allocated and confirmed. Figure 17-17 shows a flow
of clients requesting IP addresses via DHCP.Figure 17-17 Using DHCP to Assign IP Addresses
Firewalls: A firewall safeguards a network from intentional or
unintentional intrusion. A firewall sits at the junction point or gateway
between two networks—usually a private network and a public network
such as the Internet. Users on the local network of the router need to be
protected from hackers and other malicious users. A firewall blocks
traffic from unauthorized users. It also helps in allowing or blocking
certain types of traffic on certain ports. For example, a firewall may
allow access to certain applications only, such as HTTP or SSH, and
block all UDP traffic. Figure 17-18 shows a firewall that allows only
HTTP access to the outside world and blocks all incoming UDP traffic.