
Maybe you can also use this technology to understand intranet penetration from scratch


The topic of intranet penetration always has a prerequisite, which is the public IP. I believe that most of the discussion about penetration is the case where there is no public network IP. This article briefly outlines why we need intranet penetration, the working principle of intranet penetration, and how to choose the appropriate solution for penetration.

The importance of public IP

Most people have come into contact with intranet penetration, which may be related to the popularity of NAS devices in homes in recent years. Of course, some people also have the need to remotely operate computers. But no matter what the need is, there must be at least a public IP, which can be your own broadband or a server with a public IP.

The most common scenario now is that we use one device to access another intranet device. It's like two people trying to find each other in a vast sea of people: at the very least they have to go to an agreed-upon place at the same time before they can meet. It can be your home, my home, or a public place that everyone knows. The public IP is equivalent to the place where we agreed to meet, because it is the house number on the Internet. Only with this can we have a chance to find each other.

Some IP addresses are fixed, like those of servers, while others change every time the connection is redialed, like home broadband. An IP address that keeps changing like this needs a domain name that always points to the current IP address, just as no matter which mobile phone number you change to, I can still find you through the same WeChat ID.


No matter how the IP changes, we can access it through the domain name

Why is there a distinction between internal and external networks?

As more and more devices have been connected to the Internet in recent years, and the ones mainly exposed on the public network are companies and servers that provide services, the number of available public network IPs (mainly IPv4) has become smaller and smaller. Operators came up with a way to divide ordinary home broadband users, who have no use for a public network IP, into a large internal network in which multiple users share one external network IP, which temporarily solves the problem of insufficient IPs.

These users who have had their public IPs taken away are like moving from single-family villas to high-rise communities. The public IPs are hung at the entrance of the community and are shared by all owners. The operator calls it: protecting user privacy. In the era when home computers directly connected to modem devices to dial-up the Internet instead of going through routers, this did protect personal system security to a certain extent, but the operation of reclaiming public IPs actually happened after routers became popular.

Of course, until now, there are still a large number of users who do not have access to public IPs, and they account for the majority. Therefore, it does not have any real impact, but for users who need to use the public network, such as some home server enthusiasts, who want to put some services on the public network for private use, intranet penetration will be used.

Note that intranet penetration technology is used whether or not there is a public IP. Those with a public IP need to penetrate their own router to access a specific intranet device, but they have control over that router. The problem most people encounter is that they need to penetrate the large public intranet, which is the community gate mentioned before. Ordinary users do not have complete control over the community gate.

Which specific scenarios require intranet penetration?

Here are some common examples:

  • When you are out and about, you want to be able to access your home computer or access files in your NAS anytime, anywhere;
  • I have a server at home and have deployed some note-taking applications, password management applications, etc.;
  • I have built private servers for some classic games and hope to play them online with friends.

Of course, the needs for intranet penetration go far beyond these, especially for those who like to tinker. But generally speaking, the common point is that there is usually a hardware device running 24 hours a day, and what we want is to be able to access this device anytime, anywhere.

How intranet penetration works

As mentioned above, intranet penetration must use a public IP, so either the device being accessed has a public IP, or neither device has one. If neither device has one, a transit server with a public IP is used to establish a link with both intranet devices, acting as a go-between that exchanges traffic between the two parties.

In the first case, the object you want to access is on the public network. You can easily locate it on the Internet, and it then serves as the entrance, through VPN or port forwarding to a specific intranet service, allowing you to establish a connection with a device on the internal network.

Have a public IP

The second case is that there is no public IP.

No public IP

Some commercial NAS products ship with the second solution built into their system, which is why you can access files on the NAS directly without deploying a complex intranet penetration solution yourself. However, there is a barrel effect in the transmission of network traffic: the transmission speed is capped by the slowest node. Intranet penetration through a relay server therefore depends on the bandwidth of that server, and the ideal is a penetration method without a relay server.
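The second case, sketched as an added example that is not part of the original article: a relay stands in for the server with a public IP, and two devices that accept no inbound connections each dial out to it and are spliced together. The names `start_relay`, `pipe` and `demo`, the loopback address and the sample messages are all assumptions made for this illustration.

```python
import socket
import threading

def pipe(src, dst):
    """Copy bytes from src to dst until src closes, then half-close dst."""
    try:
        while (data := src.recv(4096)):
            dst.sendall(data)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)
        except OSError:
            pass

def start_relay(host="127.0.0.1", port=0):
    """Stand-in for the public server: splices the first two inbound connections.
    It pairs whoever connects first; a real relay must authenticate both sides."""
    srv = socket.create_server((host, port))
    addr = srv.getsockname()

    def serve():
        a, _ = srv.accept()  # first intranet device dials out to the relay
        b, _ = srv.accept()  # second intranet device dials out to the relay
        workers = [threading.Thread(target=pipe, args=pair, daemon=True)
                   for pair in ((a, b), (b, a))]
        for w in workers:
            w.start()
        for w in workers:
            w.join()
        a.close(); b.close(); srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return addr  # the "agreed meeting place" both devices know

def demo():
    """Constructed scenario: a NAS and a laptop, both behind NAT, meet at the relay."""
    relay_addr = start_relay()
    nas = socket.create_connection(relay_addr, timeout=5)     # outbound only
    laptop = socket.create_connection(relay_addr, timeout=5)  # outbound only
    laptop.sendall(b"LIST /photos\n")            # constructed sample request
    request = nas.makefile("rb").readline()      # arrives via the relay
    nas.sendall(b"holiday.jpg\n")                # constructed sample reply
    reply = laptop.makefile("rb").readline()
    nas.close(); laptop.close()
    return request, reply

if __name__ == "__main__":
    print(demo())
```

Every byte passes through `pipe`, so the relay operator can read whatever the two devices exchange unless they encrypt end to end, and the relay's bandwidth caps the transfer speed as described above.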

How to choose a penetration solution

In relatively backward small and medium-sized cities, the number of IPv4 addresses is actually not that tight. Therefore, you can call the broadband operator to ask whether your home broadband has a public IP. If not, ask them to turn on the public IP for you. All the free solutions available on the Internet are easy to implement and have the best results.

If the public IP problem cannot be solved, then as an ordinary user, there are probably the following two methods:

  • Rent a server with a public IP as a relay. A relatively lightweight configuration is enough; bandwidth is what mainly determines the transmission speed. As for the software to deploy, just pick from the open source options. This method suits those who have the skills to do it themselves. It offers a high degree of freedom, and different software can achieve a variety of penetration methods.
  • Use existing paid or free penetration software on the Internet. This is actually the same as renting a server, except that you are renting an application suite that has been deployed by a third party. One server is enough to serve multiple users, so this solution is cheaper and more cost-effective. The technical requirements for users are low, and it usually carries small amounts of traffic, which is enough for remote control of computers, basic small file transfers, and so on.

In addition to these, there are other relatively niche penetration solutions. I can't list them all, but the basic principle is as mentioned before: there must be a place where both parties can meet.

Finally

This article does not discuss the specific technical solutions for intranet penetration or some specific commercial applications. It only provides some preliminary explanations on the topic of intranet penetration. Some of the opinions are based on personal knowledge and judgment. If there are any errors, please correct them.

Hope it helps you.
