How to configure PAT on Cisco IOS Router

Hello Meihua

The quick and simple answer is, you don’t have to. Why? Let’s take a look at an example.

Let’s say you have the following three devices on the internal network with these parameters:

  • Host 1, IP address 10.10.10.10, communicating with a Web server on the Internet
  • Host 2, IP address 10.10.10.11 connected to an email server on the Internet
  • Host 3, IP address 10.10.10.12 connected to an FTP server on the Internet

All three are sharing the same external IP address of 201.12.12.12.

Let’s say that Host 1 is the first to make a connection using a local port number of 45001 and a destination port number of 80 for the web server. The translation of the host’s IP address looks like this:

Inside local 10.10.10.10:45001 Inside global 201.12.12.12:45001

Let’s say Host 2 is the next to connect to its email server, and let’s say it’s using the same local port number of 45001 and a destination port number of 110 for POP3 for example. The translation of the host’s IP address looks like this:

Inside local 10.10.10.11:45001 Inside global 201.12.12.12:45002

Notice that the external port number is incremented by 1. If there is a port that is already in use by another translation, then the very next available port number is used. Let’s continue with the translation for Host 3 assuming the same local port number is used:

Inside local 10.10.10.12:45001 Inside global 201.12.12.12:45003

Once again, the next available port number is used. This way there is never a conflict between identical port numbers that may be used by hosts on an internal network.

I hope this has been helpful!

Laz

3 Likes
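The port allocation described in the post above, as an added example that is not part of the original post and not Cisco's code: a simplified Python model of a PAT translation table, including the reverse lookup that decides whether return traffic reaches an inside host. The names `PatTable`, `translate`, `untranslate` and `demo` are hypothetical, and the model assumes a single protocol and the "keep the source port, otherwise take the next free one" rule as the post states it, not the exact IOS algorithm.

```python
from typing import Dict, List, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


class PatTable:
    """Simplified, single-protocol model of a PAT (NAT overload) table."""

    def __init__(self, global_ip: str, max_port: int = 65535) -> None:
        self.global_ip = global_ip
        self.max_port = max_port
        self.out: Dict[Endpoint, int] = {}   # inside local -> global port
        self.back: Dict[int, Endpoint] = {}  # global port -> inside local

    def translate(self, local_ip: str, local_port: int) -> Endpoint:
        """Return the inside global endpoint for an outbound flow."""
        key = (local_ip, local_port)
        if key in self.out:                  # an existing entry is reused
            return (self.global_ip, self.out[key])
        port = local_port                    # first choice: keep the source port
        while port in self.back:             # already used by another translation
            port += 1                        # step to the next port number
            if port > self.max_port:
                raise RuntimeError("no free global port left")
        self.out[key] = port
        self.back[port] = key
        return (self.global_ip, port)

    def untranslate(self, global_port: int) -> Optional[Endpoint]:
        """Map return traffic to its inside host; None means no entry exists."""
        return self.back.get(global_port)


def demo() -> List[Endpoint]:
    """Replay the three hosts from the post, all using local port 45001."""
    table = PatTable("201.12.12.12")
    hosts = ["10.10.10.10", "10.10.10.11", "10.10.10.12"]
    return [table.translate(ip, 45001) for ip in hosts]


if __name__ == "__main__":
    for inside_global in demo():
        print("Inside global %s:%d" % inside_global)
```

In this model, `untranslate` returning `None` corresponds to unsolicited inbound traffic on a global port that has no translation entry.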