{"id":476204,"date":"2023-08-09T07:26:52","date_gmt":"2023-08-09T07:26:52","guid":{"rendered":""},"modified":"2023-09-05T11:12:15","modified_gmt":"2023-09-05T11:12:15","slug":"cgnat","status":"publish","type":"wiki","link":"https:\/\/oneproxy.pro\/vn\/wiki\/cgnat\/","title":{"rendered":"CGNAT"},"content":{"rendered":"

D\u1ecbch \u0111\u1ecba ch\u1ec9 m\u1ea1ng c\u1ea5p nh\u00e0 cung c\u1ea5p d\u1ecbch v\u1ee5, th\u01b0\u1eddng \u0111\u01b0\u1ee3c vi\u1ebft t\u1eaft l\u00e0 CGNAT, l\u00e0 m\u1ed9t s\u1ef1 \u0111\u1ed5i m\u1edbi quan tr\u1ecdng trong l\u0129nh v\u1ef1c qu\u1ea3n l\u00fd \u0111\u1ecba ch\u1ec9 IP. \u0110\u00e2y l\u00e0 ti\u00eau chu\u1ea9n c\u1ee7a L\u1ef1c l\u01b0\u1ee3ng \u0111\u1eb7c nhi\u1ec7m k\u1ef9 thu\u1eadt Internet (IETF) \u0111\u01b0\u1ee3c thi\u1ebft k\u1ebf \u0111\u1eb7c bi\u1ec7t \u0111\u1ec3 gi\u1ea3i quy\u1ebft v\u1ea5n \u0111\u1ec1 c\u1ea1n ki\u1ec7t \u0111\u1ecba ch\u1ec9 IPv4.<\/p>\n

Truy t\u00ecm ngu\u1ed3n g\u1ed1c v\u00e0 s\u1ef1 ph\u00e1t tri\u1ec3n c\u1ee7a CGNAT<\/h2>\n

S\u1ef1 ra \u0111\u1eddi c\u1ee7a CGNAT c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c li\u00ean k\u1ebft t\u1eeb \u0111\u1ea7u th\u1ebf k\u1ef7 21. Ban \u0111\u1ea7u n\u00f3 \u0111\u01b0\u1ee3c IETF \u0111\u1ec1 xu\u1ea5t v\u00e0o n\u0103m 2011 theo RFC 6264 v\u00e0 sau \u0111\u00f3 \u0111\u01b0\u1ee3c ti\u00eau chu\u1ea9n h\u00f3a v\u00e0o n\u0103m 2012 th\u00f4ng qua RFC 6888. Nguy\u00ean nh\u00e2n ch\u00ednh \u0111\u1eb1ng sau vi\u1ec7c t\u1ea1o ra n\u00f3 l\u00e0 s\u1ef1 c\u1ea1n ki\u1ec7t c\u1ee7a \u0111\u1ecba ch\u1ec9 IPv4 v\u00e0 vi\u1ec7c \u00e1p d\u1ee5ng IPv6 ch\u1eadm.<\/p>\n

IPv4, s\u1eed d\u1ee5ng \u0111\u1ecba ch\u1ec9 32 bit, c\u00f3 gi\u1edbi h\u1ea1n t\u1ed1i \u0111a kho\u1ea3ng 4,3 t\u1ef7 \u0111\u1ecba ch\u1ec9 duy nh\u1ea5t. Khi s\u1ed1 l\u01b0\u1ee3ng thi\u1ebft b\u1ecb k\u1ebft n\u1ed1i Internet b\u1eaft \u0111\u1ea7u v\u01b0\u1ee3t qu\u00e1 gi\u1edbi h\u1ea1n n\u00e0y, CGNAT n\u1ed5i l\u00ean nh\u01b0 m\u1ed9t gi\u1ea3i ph\u00e1p kh\u1ea3 thi, cho ph\u00e9p nhi\u1ec1u thi\u1ebft b\u1ecb chia s\u1ebb m\u1ed9t \u0111\u1ecba ch\u1ec9 IPv4 c\u00f4ng c\u1ed9ng.<\/p>\n

Gi\u1ea3i n\u00e9n kh\u00e1i ni\u1ec7m v\u1ec1 CGNAT<\/h2>\n

CGNAT l\u00e0 m\u1ed9t k\u1ef9 thu\u1eadt \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng \u0111\u1ec3 k\u00e9o d\u00e0i tu\u1ed5i th\u1ecd c\u1ee7a kh\u00f4ng gian \u0111\u1ecba ch\u1ec9 IPv4 b\u1eb1ng c\u00e1ch cho ph\u00e9p nhi\u1ec1u thi\u1ebft b\u1ecb chia s\u1ebb m\u1ed9t \u0111\u1ecba ch\u1ec9 IPv4 c\u00f4ng c\u1ed9ng. N\u00f3 l\u00e0 m\u1ed9t lo\u1ea1i D\u1ecbch \u0111\u1ecba ch\u1ec9 m\u1ea1ng (NAT), m\u1ed9t ph\u01b0\u01a1ng ph\u00e1p \u00e1nh x\u1ea1 l\u1ea1i kh\u00f4ng gian \u0111\u1ecba ch\u1ec9 IP sang m\u1ed9t kh\u00f4ng gian \u0111\u1ecba ch\u1ec9 IP kh\u00e1c.<\/p>\n

Trong m\u00f4i tr\u01b0\u1eddng NAT truy\u1ec1n th\u1ed1ng, c\u00e1c thi\u1ebft b\u1ecb trong m\u1ea1ng c\u1ee5c b\u1ed9 chia s\u1ebb \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng \u0111\u1ec3 li\u00ean l\u1ea1c v\u1edbi Internet. CGNAT ti\u1ebfn th\u00eam m\u1ed9t b\u01b0\u1edbc n\u1eefa b\u1eb1ng c\u00e1ch s\u1eed d\u1ee5ng l\u1edbp NAT th\u1ee9 hai \u1edf c\u1ea5p \u0111\u1ed9 Nh\u00e0 cung c\u1ea5p d\u1ecbch v\u1ee5 Internet (ISP). \u0110i\u1ec1u n\u00e0y c\u00f3 ngh\u0129a l\u00e0 nhi\u1ec1u kh\u00e1ch h\u00e0ng, m\u1ed7i kh\u00e1ch h\u00e0ng c\u00f3 NAT c\u1ee5c b\u1ed9, c\u00f3 th\u1ec3 chia s\u1ebb m\u1ed9t \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng duy nh\u1ea5t.<\/p>\n

Kh\u00e1m ph\u00e1 ch\u1ee9c n\u0103ng c\u1ee7a CGNAT<\/h2>\n

V\u1ec1 c\u1ed1t l\u00f5i, CGNAT ho\u1ea1t \u0111\u1ed9ng d\u1ef1a tr\u00ean c\u00e1c nguy\u00ean t\u1eafc gi\u1ed1ng nh\u01b0 NAT truy\u1ec1n th\u1ed1ng, nh\u01b0ng c\u00f3 th\u00eam m\u1ee9c \u0111\u1ed9 d\u1ecbch thu\u1eadt. Khi c\u00e1c g\u00f3i d\u1eef li\u1ec7u di chuy\u1ec3n t\u1eeb m\u1ea1ng c\u1ee5c b\u1ed9 sang Internet, ch\u00fang s\u1ebd \u0111i qua NAT c\u1ee5c b\u1ed9, n\u01a1i chuy\u1ec3n \u0111\u1ed5i \u0111\u1ecba ch\u1ec9 IP ri\u00eang th\u00e0nh \u0111\u1ecba ch\u1ec9 c\u00f4ng khai. C\u00e1c g\u00f3i n\u00e0y sau \u0111\u00f3 \u0111\u1ebfn CGNAT t\u1ea1i ISP, ISP n\u00e0y m\u1ed9t l\u1ea7n n\u1eefa thay \u0111\u1ed5i \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng. Qu\u00e1 tr\u00ecnh n\u00e0y \u0111\u01b0\u1ee3c \u0111\u1ea3o ng\u01b0\u1ee3c \u0111\u1ed1i v\u1edbi c\u00e1c g\u00f3i d\u1eef li\u1ec7u g\u1eedi \u0111\u1ebfn.<\/p>\n

C\u00e1c th\u00e0nh ph\u1ea7n ch\u00ednh c\u1ee7a h\u1ec7 th\u1ed1ng CGNAT bao g\u1ed3m:<\/p>\n

    \n
  1. B\u1ea3n th\u00e2n thi\u1ebft b\u1ecb CGNAT th\u1ef1c hi\u1ec7n vi\u1ec7c d\u1ecbch thu\u1eadt.<\/li>\n
  2. Nh\u00f3m \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng \u0111\u01b0\u1ee3c g\u00e1n cho CGNAT.<\/li>\n
  3. \u00c1nh x\u1ea1 c\u00e1c \u0111\u1ecba ch\u1ec9 IP ri\u00eang b\u00ean trong t\u1edbi c\u00e1c \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng b\u00ean ngo\u00e0i.<\/li>\n<\/ol>\n

    C\u00e1c t\u00ednh n\u0103ng ch\u00ednh c\u1ee7a CGNAT<\/h2>\n

    CGNAT mang l\u1ea1i m\u1ed9t s\u1ed1 t\u00ednh n\u0103ng \u0111\u00e1ng ch\u00fa \u00fd cho b\u1ea3ng:<\/p>\n

      \n
    1. B\u1ea3o to\u00e0n \u0111\u1ecba ch\u1ec9<\/strong>: B\u1eb1ng c\u00e1ch cho ph\u00e9p nhi\u1ec1u thi\u1ebft b\u1ecb chia s\u1ebb m\u1ed9t \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng, CGNAT k\u00e9o d\u00e0i tu\u1ed5i th\u1ecd c\u1ee7a kh\u00f4ng gian \u0111\u1ecba ch\u1ec9 IPv4.<\/li>\n
    2. Minh b\u1ea1ch<\/strong>: \u0110\u1ed1i v\u1edbi ph\u1ea7n l\u1edbn ng\u01b0\u1eddi d\u00f9ng v\u00e0 \u1ee9ng d\u1ee5ng, s\u1ef1 hi\u1ec7n di\u1ec7n c\u1ee7a CGNAT l\u00e0 ho\u00e0n to\u00e0n minh b\u1ea1ch.<\/li>\n
    3. Kh\u1ea3 n\u0103ng t\u01b0\u01a1ng th\u00edch<\/strong>: CGNAT c\u00f3 th\u1ec3 ho\u1ea1t \u0111\u1ed9ng v\u1edbi c\u1ea3 \u0111\u1ecba ch\u1ec9 IPv4 v\u00e0 IPv6, khi\u1ebfn n\u00f3 t\u01b0\u01a1ng th\u00edch v\u1edbi m\u1ecdi lo\u1ea1i m\u1ea1ng.<\/li>\n
    4. Kh\u1ea3 n\u0103ng m\u1edf r\u1ed9ng<\/strong>: CGNAT c\u00f3 th\u1ec3 x\u1eed l\u00fd m\u1ed9t s\u1ed1 l\u01b0\u1ee3ng l\u1edbn c\u00e1c b\u1ea3n d\u1ecbch \u0111\u1ecba ch\u1ec9 IP, khi\u1ebfn n\u00f3 ph\u00f9 h\u1ee3p v\u1edbi c\u00e1c ISP l\u1edbn.<\/li>\n<\/ol>\n

      C\u00e1c h\u1ea1ng m\u1ee5c c\u1ee7a CGNAT<\/h2>\n

      D\u1ef1a tr\u00ean ph\u1ea1m vi ch\u1ee9c n\u0103ng v\u00e0 \u1ee9ng d\u1ee5ng, CGNAT c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c ph\u00e2n lo\u1ea1i th\u00e0nh hai lo\u1ea1i:<\/p>\n

        \n
      1. CGNAT c\u01a1 b\u1ea3n<\/strong>: Th\u1ef1c hi\u1ec7n d\u1ecbch m\u1ed9t-m\u1ed9t \u0111\u01a1n gi\u1ea3n c\u00e1c \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng sang \u0111\u1ecba ch\u1ec9 IP ri\u00eang t\u01b0.<\/li>\n
      2. CGNAT n\u00e2ng cao<\/strong>: B\u00ean c\u1ea1nh d\u1ecbch thu\u1eadt m\u1ed9t-m\u1ed9t, n\u00f3 c\u00f2n h\u1ed7 tr\u1ee3 c\u00e1c t\u00ednh n\u0103ng n\u00e2ng cao nh\u01b0 ch\u1eb7n c\u1ed5ng, gi\u1edbi h\u1ea1n phi\u00ean v\u00e0 ghi nh\u1eadt k\u00fd.<\/li>\n<\/ol>\n

        Vi\u1ec7c s\u1eed d\u1ee5ng, v\u1ea5n \u0111\u1ec1 v\u00e0 gi\u1ea3i ph\u00e1p v\u1edbi CGNAT<\/h2>\n

        CGNAT ch\u1ee7 y\u1ebfu \u0111\u01b0\u1ee3c c\u00e1c ISP s\u1eed d\u1ee5ng \u0111\u1ec3 qu\u1ea3n l\u00fd t\u00ecnh tr\u1ea1ng khan hi\u1ebfm \u0111\u1ecba ch\u1ec9 IPv4. Tuy nhi\u00ean, n\u00f3 c\u0169ng c\u00f3 th\u1ec3 \u0111\u01b0\u1ee3c s\u1eed d\u1ee5ng trong c\u00e1c t\u1ed5 ch\u1ee9c l\u1edbn \u0111\u1ec3 c\u1ee7ng c\u1ed1 vi\u1ec7c s\u1eed d\u1ee5ng \u0111\u1ecba ch\u1ec9 IP c\u00f4ng c\u1ed9ng c\u1ee7a h\u1ecd.<\/p>\n

        B\u1ea5t ch\u1ea5p nh\u1eefng l\u1ee3i \u00edch c\u1ee7a n\u00f3, CGNAT c\u00f3 th\u1ec3 \u0111\u1eb7t ra m\u1ed9t s\u1ed1 th\u00e1ch th\u1ee9c:<\/p>\n