NAT - Network Address Translation


NAT was introduced to ease a problem with IPv4 addressing, i.e. the shortage of IPv4 addresses. Address
classes were replaced by CIDR, but this was not sufficient. IPv6 (IPng, Internet Protocol Next Generation)
was introduced; it provides a much larger range of IP addresses.

NAT translates private IP addresses to public IP addresses, and public addresses to private addresses.


i) Static NAT
ii) Dynamic NAT
iii) NAT with PAT



Private IP address ranges:


Class A,  10.0.0.0 - 10.255.255.255 (Total IP addresses: 1,67,77,216)

Class B,  172.16.0.0 - 172.31.255.255 (Total IP addresses: 10,48,576)

Class C,  192.168.0.0 - 192.168.255.255 (Total IP addresses: 65536)


These address ranges can be used in any Local Area Network (LAN). We can communicate with hosts that are present within the Local Area Network, but we can't communicate with public IP addresses directly.

If we ping a public IP address directly from a local private IP address, the packets will reach the destination, but the destination doesn't know this local IP address, so we will get "request timed out".

By using NAT we translate the private IP address to a public IP address and the public address back to the private IP address. When a packet goes out of the private network, NAT translates the private IP address to the public IP address (the IP address that we configured on the router interface that is connected to the ISP). When the router receives a reply from the public address, it forwards those packets to the local private IP address.




i) Static NAT


Static NAT translates one private, unregistered IP address to one public, registered IP address. The same public address is not used for multiple private IP addresses.



Network Address Translation Table


        Before NAT                                   After NAT

Src IP         Dest IP                        Src IP         Dest IP

10.0.0.10      40.0.0.10      <-Natting->     20.0.0.1       40.0.0.10
10.0.0.11      40.0.0.10      <-Natting->     20.0.0.2       40.0.0.10
10.0.0.12      40.0.0.10      <-Natting->     20.0.0.3       40.0.0.10
10.0.0.10      40.0.0.10      <-Natting->     20.0.0.4       40.0.0.10
10.0.0.16      40.0.0.10      <-Natting->     20.0.0.8       40.0.0.10
10.0.0.18      40.0.0.10      <-Natting->     20.0.0.9       40.0.0.10
10.0.0.13      40.0.0.10      <-Natting->     20.0.0.10      40.0.0.10
10.0.0.14      40.0.0.10      <-Natting->     20.0.0.70      40.0.0.10






Here, the mapping does not change from one translation to the next: 10.0.0.10 is always translated to 20.0.0.1, and 10.0.0.11 to 20.0.0.2.

Static NAT is very useful when a request for a service comes from the public Internet to a server that is present in the LAN.





ii) Dynamic NAT


Here, the private address is translated to a public IP address dynamically, i.e. the private address is translated to any public IP address that is available at that time from the range of IP addresses we have.

Consider that we have a range of public IP addresses, 20.0.0.1 to 20.0.0.255; these will be used dynamically. If there is no IP address available, packets will be dropped. Here, we use the same public IP for multiple private IPs, provided the public IP is not in use by any other private IP address at that time.


Network Address Translation Table


        Before NAT                                   After NAT

Src IP         Dest IP                        Src IP         Dest IP

10.0.0.10      40.0.0.10      <-Natting->     20.0.0.1       40.0.0.10
10.0.0.11      40.0.0.10      <-Natting->     20.0.0.6       40.0.0.10
10.0.0.12      40.0.0.10      <-Natting->     20.0.0.9       40.0.0.10
10.0.0.10      40.0.0.10      <-Natting->     20.0.0.7       40.0.0.10
10.0.0.16      40.0.0.10      <-Natting->     20.0.0.8       40.0.0.10
10.0.0.18      40.0.0.10      <-Natting->     20.0.0.6       40.0.0.10
10.0.0.13      40.0.0.10      <-Natting->     20.0.0.1       40.0.0.10
10.0.0.14      40.0.0.10      <-Natting->     20.0.0.7       40.0.0.10







iii) NAT with PAT (Port Address Translation)


Packets will be dropped if the router doesn't have an IP address available for translation. Using the 'overload' command we can avoid this problem. This forces the router to translate multiple private addresses to a single public IP address; the router uses port numbers as the reference for translation. Consider packets from multiple private hosts sent at the same time to 40.0.0.10; the translation will look like this:


Network Address Translation Table


                Before NAT                                                     After NAT

Src IP      Src Port   Dest IP     Dest Port                  Src IP     Src Port   Dest IP     Dest Port

10.0.0.10   1024       40.0.0.10   80          <-Natting->    20.0.0.1   1024       40.0.0.10   80
10.0.0.11   1025       40.0.0.10   80          <-Natting->    20.0.0.1   1025       40.0.0.10   80
10.0.0.12   1026       40.0.0.10   80          <-Natting->    20.0.0.1   1026       40.0.0.10   80
10.0.0.13   1046       40.0.0.10   80          <-Natting->    20.0.0.1   1046       40.0.0.10   80
10.0.0.10   1503       40.0.0.10   80          <-Natting->    20.0.0.1   1503       40.0.0.10   80




If two hosts use the same source port number, the router changes the source port of the second packet it receives to some other port number.




Network Address Translation Table


                Before NAT                                                     After NAT

Src IP      Src Port   Dest IP     Dst Port                   Src IP     Src Port   Dest IP     Dst Port

10.0.0.10   1024       40.0.0.10   80          <-Natting->    20.0.0.1   1024       40.0.0.10   80
10.0.0.11   1024       40.0.0.10   80          <-Natting->    20.0.0.1   1025       40.0.0.10   80



Here, the source port number has changed from 1024 to 1025 for the second packet.
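
The PAT behaviour described above, as an added Python example that is not part of the original post and is not router code: it builds the translation table, resolves the source-port collision shown in the last table, and maps replies back to the private host. The class name PatTable, the port range 1024-65535 and the rule that a reply must come from the endpoint the flow was opened to are assumptions made for this sketch.

```python
from itertools import chain

class PatTable:
    """Port-overloaded NAT table for one public address (hypothetical model)."""

    def __init__(self, public_ip, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.first_port, self.last_port = first_port, last_port
        self.out = {}    # (src_ip, src_port, dst_ip, dst_port) -> public port
        self.back = {}   # public port -> (src_ip, src_port, dst_ip, dst_port)

    def _free_port(self, wanted):
        # Prefer the host's own source port; otherwise scan upward and wrap.
        lo, hi = self.first_port, self.last_port
        start = wanted if lo <= wanted <= hi else lo
        for port in chain(range(start, hi + 1), range(lo, start)):
            if port not in self.back:
                return port
        return None

    def translate_out(self, src_ip, src_port, dst_ip, dst_port):
        """Return the (public_ip, public_port) source, or None if dropped."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        port = self.out.get(flow)
        if port is None:
            port = self._free_port(src_port)
            if port is None:
                return None              # every port is in use: packet dropped
            self.out[flow] = port
            self.back[port] = flow
        return self.public_ip, port

    def translate_in(self, remote_ip, remote_port, public_port):
        """Return the private (ip, port) for a reply, or None if dropped."""
        flow = self.back.get(public_port)
        # Assumption: only the endpoint the flow was opened to may reply.
        if flow is None or flow[2:] != (remote_ip, remote_port):
            return None
        return flow[:2]

def demo():
    # Constructed packets, using the addresses from the tables above.
    nat = PatTable("20.0.0.1")
    first = nat.translate_out("10.0.0.10", 1024, "40.0.0.10", 80)
    second = nat.translate_out("10.0.0.11", 1024, "40.0.0.10", 80)
    reply = nat.translate_in("40.0.0.10", 80, 1025)
    unsolicited = nat.translate_in("40.0.0.10", 80, 4000)
    return first, second, reply, unsolicited

if __name__ == "__main__":
    print(demo())
```

An inbound packet to a public port with no table entry has nowhere to be forwarded and is dropped, which is why a server in the LAN needs a static mapping to be reachable from the Internet.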
