03 October, 2012
WHAT IS NAT
Network Address Translation (NAT) is simply that – it takes a network address, and “translates” it to another network address. It is a simple lookup table, where each row is created by a router command with the two addresses. The user address is behind the router on the LAN interface, and the Internet address is sent out across the serial interface.
Static NAT
For security - requires n Internet IP addresses - assign unique, unregistered local IP addresses to all users, and use unique Internet addresses as well. Users can all use the same port.
Static NAT offers enhanced security - the actual IP address of the user is hidden. A router running NAT (RFC 1631) allows the users to maintain anonymity, because their addresses are not sent out to the world. Users will typically use addresses from one of three reserved address spaces, the most famous being the “10” Class A address range.
Source Computer | Source Computer's IP Address | NAT Router's IP Address
A | 10.0.0.1 | 215.37.32.201
B | 10.0.0.2 | 215.37.32.202
C | 10.0.0.3 | 215.37.32.203
Dynamic NAT (NAT & PAT)
For overloading - requires 1 outside Internet IP address - assign unique, unregistered local IP addresses to all users. Must use unique ports for each user!!!
Dynamic NAT allows overloading - multiple users access the Internet via one IP address. This is used by Microsoft ICS (Internet Connection Sharing) and by DSL routers that have several home user PCs connected. In fact, every Cable/DSL Broadband Router on the market accomplishes its job with NAT.
Source Computer | Source Computer's IP Address | Source Computer's Port | NAT Router's IP Address
A | 10.0.0.1 | 400 | 215.37.32.201
B | 10.0.0.2 | 50 | 215.37.32.201
C | 10.0.0.3 | 3750 | 215.37.32.201
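The two tables above as a working lookup table, added here as an example and not taken from any router's code. The class names, the `first_port` parameter and the rule that a colliding port is swapped for the next free one are assumptions made for the illustration; it also shows that an inbound packet with no matching row has nowhere to go.

```python
# Added illustration: a toy NAT lookup table, not a router implementation.
from itertools import count

class StaticNat:
    """One-to-one: each inside address gets its own outside address."""
    def __init__(self, pairs):
        self.out = dict(pairs)                           # inside IP -> outside IP
        self.back = {o: i for i, o in self.out.items()}  # outside IP -> inside IP

    def outbound(self, ip, port):
        return self.out[ip], port        # port unchanged, so users may share ports

    def inbound(self, ip, port):
        inside = self.back.get(ip)
        return (inside, port) if inside else None

class Pat:
    """Overloading: many inside hosts share one outside address, told apart by port."""
    def __init__(self, outside_ip, first_port=1024):
        self.outside_ip = outside_ip
        self.out = {}                    # (inside IP, inside port) -> outside port
        self.back = {}                   # outside port -> (inside IP, inside port)
        self.spare = count(first_port)   # assumption: collisions take the next free port

    def outbound(self, ip, port):
        key = (ip, port)
        if key not in self.out:
            ext = port
            while ext in self.back:      # another user already holds this port
                ext = next(self.spare)
            self.out[key], self.back[ext] = ext, key
        return self.outside_ip, self.out[key]

    def inbound(self, port):
        return self.back.get(port)       # None: no row in the table, packet is dropped

def demo():
    """Replay the article's dynamic table, plus a constructed port collision."""
    pat = Pat("215.37.32.201")
    rows = [("10.0.0.1", 400), ("10.0.0.2", 50), ("10.0.0.3", 3750),
            ("10.0.0.2", 400)]           # constructed: B reuses A's port 400
    return [pat.outbound(ip, port) for ip, port in rows]

if __name__ == "__main__":
    for row in demo():
        print(row)
```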