symmetric nat
a symmetric nat, in contrast, does not maintain a consistent port binding between (private ip, private port) and (public ip, public port) across all sessions.
instead, it assigns a new public port to each new session. for example, suppose client a initiates two outgoing sessions from the same port as above, one with s1 and one with s2. a symmetric nat might allocate the public endpoint 155.99.25.11:62000 to session 1, and then allocate a different public endpoint 155.99.25.11:62001, when the application initiates session 2. the nat is able to differentiate between the two sessions for translation purposes because the external endpoints involved in the sessions (those of s1 and s2) differ, even as the endpoint identity of the client application is lost across the address translation boundary.
对称nat
对称nat,与cone nat是大不相同的,并不对会话进行端口绑定,而是分配一个全新的 公网端口 给每一个新的会话。
