Network Address Translation


The original intention for NAT was to slow the depletion of available IP address space by allowing many private IP addresses to be represented by some smaller number of public IP addresses.

NAT really decreases the overwhelming amount of public IP addresses required in your networking environment. And NAT comes in really handy when two companies that have duplicate internal addressing schemes merge.

Advantages Disadvantages
Conserves legally registered addresses. Translation introduces switching path delays.
Reduces address overlap occurrence. Loss of end-to-end IP traceability.
Increases flexibility when connecting Internet. Certain applications will not function with to NAT enabled.
Eliminates address renumbering as network changes.  

Types of Network Address Translation

Three types of NAT:
 

  • Static NAT

    This type of NAT is designed to allow one-to-one mapping between local and global addresses. Keep in mind that the static version requires you to have one real Internet IP address for every host on your network.
  • Dynamic NAT

    This version gives you the ability to map an unregistered IP address to a registered IP address from out of a pool of registered IP addresses. You don’t have to statically configure your router to map an inside to an outside address as you would using static NAT,but you do have to have enough real, bona-fide IP addresses for everyone who’s going to be sending packets to and receiving them from the Internet.
  • Overloading

    This is the most popular type of NAT configuration. Understand that overloading really is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address—many-to-one—by using different ports. It’s also known as Port Address Translation (PAT). And by using PAT (NAT Overload),you get to have thousands of users connect to the Internet using only one real global IP address, NAT Overload is the real reason we haven’t run out of valid IPaddress on the Internet

NAT Names

The names we use to describe the addresses used with NAT are simple. Addresses used after NAT translations are called global addresses. These are usually the public addresses used on the Internet, but remember, you don’t need public addresses if you aren’t going on the Internet. Local addresses are the ones we use before NAT translation. So, the inside local address is actually the private address of the sending host that’s trying to get to the Internet, while the outside local address is the address of the destination host. The latter is usually a public address (web address, mail server, etc.) and is how the packet begins its journey. After translation, the inside local address is then called the inside global address and the outside global address then becomes the name of the destination host. 

Static NAT Configuration
 

  • Simple basic static NAT configuration: ipnat inside source static 110.1.1.1 170.46.2.2

    !
    interface Ethernet0
    ip address 110.1.1.10 255.255.255.0
    ipnat inside
    !
    interface Serial0
    ip address 70.46.2.1 255.255.255.0
    ipnat outside
    !





  •  
  •  
  •  
  •  

Dynamic NAT Configuration
 

  • Dynamic NAT means that we have a pool of addresses that we will use to provide real IP addresses to a group of users on the inside. We do not use port numbers, so we have to have real IP addresses for every user trying to get outside the local network.
    ipnat pool amit70.168.2.2 170.168.2.254netmask 255.255.255.0 ipnat inside source list 1 pool amit
    !
    interface Ethernet0
    ip address 110.1.1.10 255.255.255.0
    ipnat inside
    !
    interface Serial0
    ip address 70.168.2.1 255.255.255.0
    ipnat outside
    !
    access-list 1 permit 110.1.1.0 0.0.0.255
    !





  •  
  •  
  •  
  •  

PAT (Overloading) Configuration
 

  • This last example shows how to configure inside global address overloading. This is the typical NAT that we would use today. It is rare that we would use static or dynamic NAT unless we were statically mapping a server, for example.

    ipnat pool globalnet70.168.2.1 170.168.2.1netmask 255.255.255.0
    ipnat inside source list 1 pool globalnet overload
    !
    interface Ethernet0/0
    ip address 110.1.1.10 255.255.255.0
    ipnat inside
    !
    interface Serial0/0
    ip address 70.168.2.1 255.255.255.0
    ipnat outside
    !
    access-list 1 permit 110.1.1.0 0.0.0.255





  •  
  •  
  •  
  •  

Simple Verification of NAT
 

  • Once you have configured the type of NAT you are going to use, typically overload (PAT), you need to be able to verify the configuration.

    Router#show ipnat translation
    Router#debug ipnat

h4 ExamMATE

Online Personalised Exam Preparation Tool to score higher using Assessment, Analytics & Artificial Intelligence

Copyright ©2015 h4exammate.com, All Rights Reserved. h4 ExamMATEâ„¢ is registered trademark of Hub4tech Portal Services Pvt. Ltd.
All trademarks and logos appearing on this website are the property of their respective owners.
FOLLOW US    
Need help? Ask h4 ExamMATE Bot