Network Address Translation

This guide explains the concept of network address translation and the different NAT types, with examples of how to configure each type.

Introduction

Network Address Translation (NAT) is a process of translating the source and/or destination IP addresses and port numbers of IP packets as they pass through a router. NAT is used to allow private IP addresses to be used on a network while still allowing communication with the Internet, which requires the use of public IP addresses. NAT operates by creating a mapping between the private IP address of a host and a public IP address that is routable on the Internet. When a packet from a host on the private network is sent to the Internet, the router replaces the source IP address of the packet with the public IP address assigned to the router's external interface. The router then maintains this mapping so that when a response packet is received from the Internet, it can translate the destination IP address back to the private IP address of the original host.

Description
NAT is a critical feature for allowing private networks to communicate with the Internet and is commonly used
Source and/or destination IP addresses and port numbers of IP packets are translated as they pass through a router
NAT operates by creating a mapping between the private IP address of a host and a public IP address that is routable on the Internet
When a packet from a host on the private network is sent to the Internet, the router replaces the source IP address of the packet with the public IP address assigned to the router's external interface
The router maintains this mapping to be able to translate the destination IP address back to the private IP address of the original host

NAT Types

NAT can be configured in several ways on Cisco IOS routers, including static NAT, dynamic NAT, and PAT. Static NAT creates a permanent one-to-one mapping between a private IP address and a public IP address. Dynamic NAT creates a pool of public IP addresses that are assigned on a first-come, first-served basis to hosts on the private network. PAT allows multiple hosts to share a single public IP address and can be configured to use a specific port range for mapping port numbers.

Description
Static NAT creates a one-to-one mapping between a private IP address and a public IP address. It is typically used when a server on a private network needs to be accessed from the Internet. With static NAT, the public IP address is always the same, and inbound traffic is forwarded to the private IP address of the server. Static NAT can provide better security because only the IP address specified in the NAT mapping is allowed to communicate with the server. The mapping itself does not filter traffic, however: every port on the server is reachable through the public address unless an access list or firewall restricts it. Static NAT can also be inflexible and may require more public IP addresses.
Port Address Translation (PAT), also known as Network Address Port Translation (NAPT), is a form of dynamic NAT that allows multiple devices on a private network to share a single public IP address. With PAT, the router assigns a unique port number to each device on the private network, and uses this port number to keep track of which device sent which packet. When a packet comes back to the router, it uses the port number to route the packet to the correct device. PAT is the most commonly used type of NAT, because it allows many devices to share a single public IP address, while still providing a degree of security.
Destination NAT is a technique used to modify the destination IP address of a packet as it passes through a network device, such as a router or firewall. The destination IP address of a packet is changed to a different IP address or a specific port number. This is typically done to allow traffic to reach a specific device or service on a network that is not directly reachable from the public Internet or from other networks.
Dynamic NAT assigns a public IP address from a pool of available public addresses to a private IP address on a first-come, first-served basis. This allows multiple devices on a private network to share a pool of public IP addresses. It is commonly used in small businesses and is more flexible than static NAT.

NAT Address Classification

Inside local: An IP address assigned to an inside host
Inside global: An inside IP address seen from the outside
Outside global: An IP address assigned to an outside host
Outside local: An outside IP address seen from the inside
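
The translations described above, as an added example that is not part of the original guide: a small Python model of a router doing PAT and static NAT, using the inside local / inside global terms. All addresses, the port range, the keep-the-source-port-when-free behaviour and the names NatRouter and demo are assumptions made for illustration; the model matches replies on the public port only and does not reproduce Cisco IOS internals.

```python
from dataclasses import dataclass, field
from itertools import chain
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)

@dataclass
class NatRouter:
    """Toy model of a NAT router; addresses and port range are constructed."""
    public_ip: str                       # inside global address shared by PAT
    first_port: int = 1024               # assumed translation port range
    last_port: int = 65535
    static: Dict[str, str] = field(default_factory=dict)          # inside global IP -> inside local IP
    by_inside: Dict[Endpoint, int] = field(default_factory=dict)  # inside local -> public port
    by_port: Dict[int, Endpoint] = field(default_factory=dict)    # public port -> inside local

    def outbound(self, src: Endpoint, dst: Endpoint) -> Tuple[Endpoint, Endpoint]:
        """Rewrite the inside local source to an inside global one (PAT)."""
        if src not in self.by_inside:
            # Keep the host's own source port when it is free, else take the next free one.
            ports = chain([src[1]], range(self.first_port, self.last_port + 1))
            port = next((p for p in ports if p not in self.by_port), None)
            if port is None:
                raise RuntimeError("PAT port range exhausted")
            self.by_inside[src] = port
            self.by_port[port] = src
        return (self.public_ip, self.by_inside[src]), dst

    def inbound(self, src: Endpoint, dst: Endpoint) -> Optional[Tuple[Endpoint, Endpoint]]:
        """Rewrite an inside global destination back to inside local, or drop (None)."""
        ip, port = dst
        if ip in self.static:                      # static NAT maps the whole address,
            return src, (self.static[ip], port)    # so every port reaches the server
        if ip == self.public_ip and port in self.by_port:
            return src, self.by_port[port]         # reply to an existing PAT translation
        return None                                # no mapping: unsolicited packet is dropped

def demo() -> dict:
    r = NatRouter("203.0.113.1", static={"203.0.113.2": "192.168.1.10"})
    web = ("198.51.100.7", 443)                    # outside global address (constructed)
    a, _ = r.outbound(("192.168.1.20", 50000), web)
    b, _ = r.outbound(("192.168.1.21", 50000), web)  # same source port, different host
    return {
        "a": a, "b": b,
        "reply_to_b": r.inbound(web, b),
        "unsolicited": r.inbound(web, ("203.0.113.1", 8080)),
        "static_ssh": r.inbound(web, ("203.0.113.2", 22)),
    }
```

The last two results show the difference in exposure: the PAT address drops a packet with no matching translation, while the static mapping forwards any port to the server.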
