D-Link DFL-1600 User Manual page 135

14.2. Address Translation
source port to a free port, usually one above 32768, 32789 is used here. The
packet is then sent to its destination.
The recipient server regards the firewall NATed address as the origin of the
packet, processes the packet, and sends its response back to the NATed
address.
The firewall receives the packet and compares it to its list of open
connections. Once it finds the connection in question, it restores the
original address and forwards the packet to the real sender.
Static Address Translation (SAT)
SAT is a type of address translation in which a public IP address is
statically mapped to a private IP address. Dynamic NAT is normally used
for outgoing traffic, while SAT is used for incoming traffic. For example,
using SAT allows an internal host, such as a Web server, to have an
unregistered (private) IP address and still be reachable over the Internet.
The private IP address of the server is mapped to a public static IP
address, which can be seen from the Internet.
In D-Link firewalls, SAT is implemented to provide many important
functions, for example:
- DMZ & Port Forwarding: SAT supports the use of DMZ network to
provide pubic services to the Internet, meanwhile protecting the
private network from unnecessary disclosure to the outside world.
(see 16, DMZ & Port Forwarding)
- Server Load Balancing: SAT can redirect connections pointed at some
server to randomly selected servers. (see 24, Server Load Balancing)
D-Link Firewalls User's Guide
115