Network Address Translation (NAT)

Network address translation (NAT) is a technique used when a private network connects to the internet through a single IP address: multiple devices access the internet via that one address.

To achieve this, private IP addresses must be translated to public IP addresses. NAT is usually configured on the border router, where one port is on the global side of the network and one port is on the private side.

When a packet goes from inside to outside, NAT converts the private IP address to a global IP address.
When a packet comes from outside to inside, NAT converts the global IP address to a private IP address.

If NAT runs out of addresses, e.g. no address is left in the configured pool, the packets are dropped and an Internet Control Message Protocol (ICMP) host unreachable packet is sent to the destination.

The need to mask the port numbers arises because, if two systems send the same request to the same port number on the server, the router will not know which system the returning packet belongs to.

Network Address Translation (NAT) Types

There are three ways to configure NAT: static NAT, dynamic NAT and Port Address Translation (PAT).

Static NAT – In this type, a single unregistered (private) IP address is mapped to a legally registered (public) IP address, i.e. a one-to-one mapping between local and global addresses.

The simplest type of NAT provides a one-to-one translation of IP addresses. It is often also referred to as one-to-one NAT.
With static NAT, routers or firewalls translate one private IP address to a single public IP address. Each private IP address is mapped to a single public IP address. Static NAT is not often used because it requires one public IP address for each private IP address.
A static NAT works by creating a one-to-one relationship between the public and private IP address. This means the private IP address can be mapped to only one public IP address at a time. The end user, on the other hand, has a transparent view of the remote device/network and accesses it using the mapped public IP address.

Dynamic NAT – In this type of NAT, an unregistered IP address is translated into a registered (public) IP address from a pool of public IP addresses. For example, if there is a pool of 2 public IP addresses, only 2 private IP addresses can be translated at a given time.

Dynamic network address translation (Dynamic NAT) is a technique in which multiple public Internet Protocol (IP) addresses are mapped and used with an internal or private IP address.

Dynamic NAT bridges the communication and packet routing path between private/protected/internal networks and the Internet. Each internal device on an unregistered IP address requesting Internet access can select from a group of public IP addresses.

Dynamic NAT is usually configured on a router that maintains a group of public IP addresses in a network address translation (NAT) table. For each outgoing packet, the router replaces its source, a private IP address, with the first available public IP address.

Advantages
The main advantage of NAT is that it can prevent the depletion of IPv4 addresses.
NAT can provide an additional layer of security by hiding the original source and destination addresses.

Disadvantages
1. NAT consumes processor and memory resources, since it needs to translate IPv4 addresses for all incoming and outgoing IPv4 datagrams and keep the translation details in memory.
2. NAT may cause delay in IPv4 communication.
3. NAT causes loss of end-device to end-device IP traceability.
4. Some technologies and network applications will not function as expected in a network configured with NAT.

Port Address Translation (PAT)

This is also known as NAT overload. In this, many local (private) IP addresses can be translated to a single public IP address. Port numbers are used to distinguish the traffic, i.e., which traffic belongs to which IP address. This is the most frequently used type because it is cost effective: thousands of users can be connected to the Internet using only one real global (public) IP address.

In Port Address Translation (PAT), a single public IP address is used for all internal private IP addresses, but a different port is assigned to each private IP address. This type of NAT is also known as NAT Overload and is the typical form of NAT used in today’s networks.

PAT allows you to support many hosts with only a few public IP addresses.
It works by creating a dynamic NAT mapping, in which a global IP address and a unique port number are selected. The router keeps a NAT table entry for every unique combination of the private IP address and port, with translation to the global address and a unique port number.
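
The table behaviour described above, as an added example that is not part of the original article: a toy PAT table in which two inside hosts use the same source port, replies are mapped back by public port, and packets are dropped once the port range is used up. The class and function names, the three-port range and the keep-the-original-port policy are assumptions made for illustration; the addresses are taken from the configurations on this page.

```python
class PatTable:
    """Toy PAT (NAT overload) table for one public IP address."""

    def __init__(self, public_ip, ports):
        self.public_ip = public_ip
        self.free = list(ports)   # public-side ports not yet in use
        self.out = {}             # (private IP, private port) -> public port
        self.back = {}            # public port -> (private IP, private port)

    def outbound(self, src_ip, src_port):
        """Translate an inside-to-outside packet; None means it is dropped."""
        key = (src_ip, src_port)
        if key not in self.out:
            if not self.free:
                return None       # no free port left: table is full
            # Assumed policy: keep the original source port when it is unused,
            # otherwise take the next free one so every entry stays unique.
            port = src_port if src_port in self.free else self.free[0]
            self.free.remove(port)
            self.out[key] = port
            self.back[port] = key
        return (self.public_ip, self.out[key])

    def inbound(self, dst_port):
        """Map a reply arriving on the public IP back to the inside host."""
        return self.back.get(dst_port)   # None: no entry, nothing to forward to


def demo():
    # Constructed scenario: a three-port range so exhaustion is easy to see.
    pat = PatTable("209.165.200.226", range(50000, 50003))
    results = {
        "host_a": pat.outbound("192.168.0.10", 50000),
        "host_b": pat.outbound("192.168.0.11", 50000),  # same source port as A
        "host_c": pat.outbound("192.168.0.12", 40000),
        "host_d": pat.outbound("192.168.0.13", 40000),  # range exhausted
    }
    results["reply_50001"] = pat.inbound(50001)
    results["reply_50005"] = pat.inbound(50005)         # never allocated
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```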

Advantages
Conserves IP addresses by assigning a single public IP to a group of hosts with the help of different port numbers.

Disadvantages
Multiple public services of the same type cannot be run behind a single IP address with PAT. The number of entries in the internal table used to keep track of connections is limited.

Configuration of Static, Dynamic and PAT

Static NAT:

    ! One-to-one mapping: inside 192.168.0.10 <-> public 209.165.200.10
    Router(config)#ip nat inside source static 192.168.0.10 209.165.200.10
    Router(config)#interface FastEthernet 0/1
    Router(config-if)#ip nat inside
    Router(config-if)#interface Serial 0/0/0
    Router(config-if)#ip nat outside

Dynamic NAT:

    ! Pool of public addresses handed out one per inside host
    Router(config)#ip nat pool NAT-POOL 209.165.200.226 209.165.200.240 netmask 255.255.255.224
    ! Wildcard 0.0.255.255 limits translation to sources in 192.168.0.0/16
    Router(config)#access-list 1 permit 192.168.0.0 0.0.255.255
    Router(config)#ip nat inside source list 1 pool NAT-POOL
    Router(config)#interface FastEthernet 0/1
    Router(config-if)#ip nat inside
    Router(config-if)#interface Serial 0/0/0
    Router(config-if)#ip nat outside

NAT Overload or PAT:
Case 1: One Public IP

    ! Wildcard 0.0.255.255 limits translation to sources in 192.168.0.0/16
    Router(config)#access-list 1 permit 192.168.0.0 0.0.255.255
    ! "overload" shares the address of Serial 0/0/0 using port numbers
    Router(config)#ip nat inside source list 1 interface serial 0/0/0 overload
    Router(config)#interface FastEthernet 0/1
    Router(config-if)#ip nat inside
    Router(config-if)#interface Serial 0/0/0
    Router(config-if)#ip nat outside

NAT Overload or PAT:
Case 2: Many Public IPs

    Router(config)#ip nat pool NAT-POOL 209.165.200.226 209.165.200.240 netmask 255.255.255.224
    ! Wildcard 0.0.255.255 limits translation to sources in 192.168.0.0/16
    Router(config)#access-list 1 permit 192.168.0.0 0.0.255.255
    ! "overload" lets many inside hosts share each pool address using port numbers
    Router(config)#ip nat inside source list 1 pool NAT-POOL overload
    Router(config)#interface FastEthernet 0/1
    Router(config-if)#ip nat inside
    Router(config-if)#interface Serial 0/0/0
    Router(config-if)#ip nat outside
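
A check for the wildcard mask on the access-list line that selects which inside sources get translated, as an added example that is not part of the original article: it converts the address and wildcard to the network actually matched and reports whether that network lies wholly inside RFC 1918 private space. The function names and sample lines are constructed for illustration; a wildcard of 0.255.255.255 on 192.168.0.0 matches all of 192.0.0.0/8, while 0.0.255.255 matches only 192.168.0.0/16.

```python
import ipaddress
import re

# RFC 1918 private address blocks
PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ACL_RE = re.compile(r"access-list\s+\d+\s+permit\s+(\S+)\s+(\S+)")


def matched_network(line):
    """Return the IPv4 network a standard 'access-list N permit A W' line matches."""
    m = ACL_RE.search(line)
    if m is None:
        raise ValueError("not a standard permit line with a wildcard mask")
    addr = int(ipaddress.IPv4Address(m.group(1)))
    wild = int(ipaddress.IPv4Address(m.group(2)))
    if wild & (wild + 1):
        raise ValueError("non-contiguous wildcard mask is not handled here")
    # Bits set in the wildcard are ignored, so clear them to get the base.
    base = addr & ~wild & 0xFFFFFFFF
    return ipaddress.ip_network((base, 32 - wild.bit_length()))


def audit(line):
    """Return (matched network, True if it lies wholly inside private space)."""
    net = matched_network(line)
    return net, any(net.subnet_of(p) for p in PRIVATE)


# Constructed sample lines in the format used on this page.
SAMPLES = [
    "Router(config)#access-list 1 permit 192.168.0.0 0.255.255.255",
    "Router(config)#access-list 1 permit 192.168.0.0 0.0.255.255",
]

if __name__ == "__main__":
    for s in SAMPLES:
        net, ok = audit(s)
        print(f"{net}  {'private only' if ok else 'WIDER THAN PRIVATE SPACE'}")
```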