NAT Network address Translation Static and Dynamic
When communicating to devices in a public network, your device needs to use a source address that is a public address. NAT device enables private IPv4 to connect to the Internet. NAT enable you to change an IP address in a packet to a different address. Usually, NAT connects two networks and translates the private (inside local) addresses into public addresses (inside global) before packets are forwarded to another network. In other word Address translation allows you to translate your internal private addresses to public addresses before these packets leave your network.
Situation where you should use NAT
- Your ISP did not provide you sufficient public IP address
- Your company is going to merge in a company which use same address space
- Where you want to hide your internal IP address space from outside
- You want to assign the same IP address to multiple machines
There are three types of NAT
- Static
- Dynamic
- PAT
STATIC NAT
In static NAT manual translation is performed by an address translation device, translating one IP address to a different one. If you have 100 devices, you need to create 100 static entries in the address translation table. Typically, static translation is done for inside resources that outside people want to access.
Dynamic NAT
Dynamic NAT is mostly used when inside users needs to access outside resources. The global address assigned to the internal user isn't important, since outside devices don't directly connect to your internal users they just return traffic to them that the inside user requested.
Dynamic NAT is used when inside use wants to access external resource. When an inside user sends traffic through the address translation device, say a router, it examines the source IP address and compares it to the internal local address pool. If it finds a match, then it determines which inside global address pool it should use for the translation. It then dynamically picks an address in the global address pool that is not currently assigned to an inside device. The router adds this entry in its address translation table, the packet is translated, and the packet is then sent to the outside world. If no matching entry is found in the local address pool, the address is not translated and is forwarded to the outside world in its original state.
When returning traffic comes back into your network, the address translation device examines the destination IP addresses and checks them against the address translation table. Upon finding a matching entry, it converts the global inside address to the local inside address in the destination IP address field of the packet header and forwards the packet to the inside network
PAT
With PAT, all devices that go through the address translation device have the same global IP address assigned to them, so the source TCP or UDP port numbers are used to differentiate the different connections. If two devices have the same source port number, the translation device changes one of them to ensure uniqueness.
Major difference between NAT and PAT is In NAT Only IP addresses are translated (not port numbers).
Disadvantages of Address Translation
Three main disadvantage with address translation are:
- Each connection has an added delay.
- Troubleshooting is more difficult.
- Not all applications work with address translation.
Address Translation Terms and Types
| Term | Explanation |
Inside
|
Addresses located on the inside of your network
|
Outside
|
Addresses located outside of your network
|
Local
|
The IP address physically assigned to a device
|
Global
|
The public IP address physically or logically assigned to a device
|
Inside local IP address
|
The IPv4 address that is assigned to a host on the inside network
|
Inside global IP address
|
A legitimate IPv4 address assigned by the ISP that represents one or more inside local IPv4 addresses to the outside world
|
Outside global IP address
|
An outside device with a registered public IP address
|
Outside local IP address
|
An outside device with an assigned private IP address
|
Static NAT
|
A manual address translation is performed between two addresses and possibly port numbers.
|
Dynamic NAT
|
An address translation device automatically performs address translation between two addresses and possibly port numbers.
|
Port Address Translation (PAT)
|
Many inside IP addresses are translated to a single IP address, where each inside address is given a different TCP or UDP port number for uniqueness.
|
No comments:
Post a Comment