NAT - Network Address Translation
NAT was introduced to reduce the problems with IPv4 addressing, i.e. the shortage of IPv4 addresses. Address classes were replaced by CIDR, but this was not sufficient. IPv6 (IPng, Internet Protocol Next Generation) was introduced; it provides a much larger range of IP addresses.
NAT translates private IP addresses to public IP addresses and public addresses to private addresses.
i) Static NAT
ii) Dynamic NAT
iii) NAT with PAT
Private IP Address Ranges:
Class A, 10.0.0.0 - 10.255.255.255 (Total IP addresses: 1,67,77,216)
Class B, 172.16.0.0 - 172.31.255.255 (Total IP addresses: 10,48,576)
Class C, 192.168.0.0 - 192.168.255.255 (Total IP addresses: 65536)
These IP address ranges can be used in any Local Area Network (LAN). We can communicate with hosts that are present within the Local Area Network, but we can't communicate with public IP addresses directly.
If we ping a public IP address directly from a local private IP address, the packets will reach the destination, but the destination doesn't know this local IP address. We will get "request timed out".
By using NAT we translate the private IP address to a public IP address and the public address back to the private IP address. When a packet goes out of the private network, NAT translates the private IP address to a public IP address (the IP address configured on the router interface that is connected to the ISP). When the router receives a reply from the public address, it forwards those packets to the local private IP address.
i) Static NAT
Static NAT translates one private (unregistered) IP address to one public (registered) IP address. The same public address will not be used for multiple private IP addresses.
Network Address Translation Table
      Before NAT                          After NAT
Src IP      Dest IP                   Src IP      Dest IP
10.0.0.10   40.0.0.10   <-Natting->   20.0.0.1    40.0.0.10
10.0.0.11   40.0.0.10   <-Natting->   20.0.0.2    40.0.0.10
10.0.0.12   40.0.0.10   <-Natting->   20.0.0.3    40.0.0.10
10.0.0.10   40.0.0.10   <-Natting->   20.0.0.4    40.0.0.10
10.0.0.16   40.0.0.10   <-Natting->   20.0.0.8    40.0.0.10
10.0.0.18   40.0.0.10   <-Natting->   20.0.0.9    40.0.0.10
10.0.0.13   40.0.0.10   <-Natting->   20.0.0.10   40.0.0.10
10.0.0.14   40.0.0.10   <-Natting->   20.0.0.70   40.0.0.10
Here, the mapping does not change between translations: 10.0.0.10 is always translated to 20.0.0.1, and 10.0.0.11 to 20.0.0.2.
Static NAT is very useful when requests come from the public side (Internet) for a service on a server that is present in the LAN.
ii) Dynamic NAT
Here, the private address is translated to a public IP address dynamically, i.e. the private address is translated to any public IP address that is available at that time from the range of IP addresses we have.
Consider that we have a range of public IP addresses, 20.0.0.1 to 20.0.0.255, which will be used dynamically. If there is no IP address available, packets will be dropped. Here, the same public IP can be used for multiple private IPs, as long as that public IP is not in use by any other private IP address at that time.
Network Address Translation Table
      Before NAT                          After NAT
Src IP      Dest IP                   Src IP      Dest IP
10.0.0.10   40.0.0.10   <-Natting->   20.0.0.1    40.0.0.10
10.0.0.11   40.0.0.10   <-Natting->   20.0.0.6    40.0.0.10
10.0.0.12   40.0.0.10   <-Natting->   20.0.0.9    40.0.0.10
10.0.0.10   40.0.0.10   <-Natting->   20.0.0.7    40.0.0.10
10.0.0.16   40.0.0.10   <-Natting->   20.0.0.8    40.0.0.10
10.0.0.18   40.0.0.10   <-Natting->   20.0.0.6    40.0.0.10
10.0.0.13   40.0.0.10   <-Natting->   20.0.0.1    40.0.0.10
10.0.0.14   40.0.0.10   <-Natting->   20.0.0.7    40.0.0.10
iii) NAT with PAT (Port Address Translation)
Packets will be dropped if the router doesn't have an IP address available for translation. Using the 'overload' command we can avoid this problem. This forces the router to translate multiple private addresses to a single public IP address; the router uses port numbers as the reference for translation. Consider packets from multiple private hosts sent at the same time to 40.0.0.10. The translation will look like this:
Network Address Translation Table
               Before NAT                                             After NAT
Src IP      Src Port   Dest IP     Dest Port                 Src IP     Src Port   Dest IP     Dest Port
10.0.0.10   1024       40.0.0.10   80          <-Natting->   20.0.0.1   1024       40.0.0.10   80
10.0.0.11   1025       40.0.0.10   80          <-Natting->   20.0.0.1   1025       40.0.0.10   80
10.0.0.12   1026       40.0.0.10   80          <-Natting->   20.0.0.1   1026       40.0.0.10   80
10.0.0.13   1046       40.0.0.10   80          <-Natting->   20.0.0.1   1046       40.0.0.10   80
10.0.0.10   1503       40.0.0.10   80          <-Natting->   20.0.0.1   1503       40.0.0.10   80
If two hosts use the same source port number, the router will change the source port of the second packet it receives to some other port number.
Network Address Translation Table
               Before NAT                                             After NAT
Src IP      Src Port   Dest IP     Dest Port                 Src IP     Src Port   Dest IP     Dest Port
10.0.0.10   1024       40.0.0.10   80          <-Natting->   20.0.0.1   1024       40.0.0.10   80
10.0.0.11   1024       40.0.0.10   80          <-Natting->   20.0.0.1   1025       40.0.0.10   80
Here, the source port number has changed from 1024 to 1025 for the second packet.
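The PAT behaviour in the two tables above, as an added example (not from the original post and not router code): a small translation table that keeps the source port when it is free, rewrites it on a collision, and maps replies back to the inside host. The class and function names are hypothetical, picking the next free port is an assumption that matches the 1024 to 1025 row, and a real router also keys entries on protocol and destination.

```python
# Added example: a minimal PAT (NAT overload) table; names are hypothetical.
PUBLIC_IP = "20.0.0.1"   # single public address used in the page's tables


class PatTable:
    def __init__(self, public_ip=PUBLIC_IP, first_port=1024, last_port=65535):
        self.public_ip = public_ip
        self.first_port, self.last_port = first_port, last_port
        self.out = {}   # (private_ip, private_port) -> public_port
        self.back = {}  # public_port -> (private_ip, private_port)

    def _free_port(self, wanted):
        # Keep the original source port when it is free, otherwise walk
        # upward (wrapping around) to the next unused port. Assumption:
        # the page only says "some other port number".
        span = self.last_port - self.first_port + 1
        in_range = self.first_port <= wanted <= self.last_port
        start = wanted if in_range else self.first_port
        for i in range(span):
            port = self.first_port + (start - self.first_port + i) % span
            if port not in self.back:
                return port
        return None  # every port on the public address is in use

    def outbound(self, src_ip, src_port):
        """Translate an inside source; returns (public_ip, public_port) or None."""
        key = (src_ip, src_port)
        if key not in self.out:
            port = self._free_port(src_port)
            if port is None:
                return None  # no translation available: packet is dropped
            self.out[key] = port
            self.back[port] = key
        return (self.public_ip, self.out[key])

    def inbound(self, dst_port):
        """Map a reply arriving on the public address back to the inside host."""
        return self.back.get(dst_port)  # None: no entry, so nothing to forward to


def demo():
    nat = PatTable()
    first = nat.outbound("10.0.0.10", 1024)
    second = nat.outbound("10.0.0.11", 1024)   # same source port, second host
    return first, second, nat.inbound(1025), nat.inbound(4444)


if __name__ == "__main__":
    print(demo())
```

The last lookup in `demo()` shows the side effect defenders rely on: a packet arriving on a public port with no table entry has no inside host to be forwarded to.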