NAT (Network Address Translation)

Source: Internet
Author: User

1. NAT Introduction

NAT provides the translation of private addresses to public addresses.

NAT has many uses, but its primary use is to conserve public IPv4 addresses. It does this by allowing networks to use private IPv4 addresses internally and providing translation to a public address only when needed. NAT has the added benefit of adding a degree of privacy and security to a network, because it hides internal IPv4 addresses from outside networks.

The terms inside and outside are combined with the terms local and global to refer to specific addresses. In the figure, router R2 has been configured to provide NAT. It has a pool of public addresses to assign to inside hosts.

  • Inside Local Address - the address of the source as seen from inside the network. In the figure, the IPv4 address 192.168.10.10 is assigned to PC1. This is the inside local address of PC1.
  • Inside Global Address - the address of the source as seen from the outside network. In the figure, when traffic from PC1 is sent to the Web server at 209.165.201.1, R2 translates the inside local address to an inside global address. R2 changes the IPv4 source address from 192.168.10.10 to 209.165.200.226. In NAT terminology, the inside local address of 192.168.10.10 was translated to the inside global address of 209.165.200.226.
  • Outside Global Address - the address of the destination as seen from the outside network. It is a globally routable IPv4 address assigned to a host on the Internet. For example, the Web server is reachable at IPv4 address 209.165.201.1. Most often the outside local and outside global addresses are the same.
  • Outside Local Address - the address of the destination as seen from the inside network. In this example, PC1 sends traffic to the Web server at the IPv4 address 209.165.201.1. While uncommon, this address could be different from the globally routable address of the destination.

2. Types of NAT

There are three types of NAT translation:

    1. Static address translation (static NAT) - one-to-one address mapping between local and global addresses.
    2. Dynamic address translation (dynamic NAT) - many-to-many address mapping between local and global addresses.
    3. Port Address Translation (PAT/NAT overloading) - many-to-one address mapping between local and global addresses.

2.1 Static NAT

Static NAT uses a one-to-one mapping of local and global addresses. These mappings are configured by the network administrator and remain constant.

Static NAT requires that enough public addresses are available to satisfy the total number of simultaneous user sessions.

Static NAT is particularly useful for Web servers or devices that must have a consistent address that is accessible from the Internet.

Configure Static NAT

    1. Establish static translation between an inside local address and an inside global address.
       Router(config)# ip nat inside source static local-ip global-ip
    2. Specify the inside interface.
       Router(config)# interface type number
    3. Mark the interface as connected to the inside.
       Router(config-if)# ip nat inside
    4. Exit interface configuration mode.
       Router(config-if)# exit
    5. Specify the outside interface.
       Router(config)# interface type number
    6. Mark the interface as connected to the outside.
       Router(config-if)# ip nat outside

Verifying Static NAT Translations

Router# show ip nat translations

The static translations are all present in the NAT table.

Router# clear ip nat statistics

Router# show ip nat statistics

2.2 Dynamic NAT

Dynamic NAT uses a pool of public addresses and assigns them on a first-come, first-served basis.

Configure Dynamic NAT

    1. Define a pool of global addresses to be used for translation.
       Router(config)# ip nat pool name start-ip end-ip {netmask netmask | prefix-length prefix-length}
    2. Configure a standard access list permitting the addresses that should be translated.
       Router(config)# access-list access-list-number permit source [source-wildcard]
    3. Establish dynamic source translation, specifying the access list and pool defined in the prior steps.
       Router(config)# ip nat inside source list access-list-number pool name
    4. Identify the inside interface.
       Router(config)# interface type number
       Router(config-if)# ip nat inside
    5. Specify the outside interface.
       Router(config)# interface type number
    6. Mark the interface as connected to the outside.
       Router(config-if)# ip nat outside

Verifying Static NAT Translations

Router# show ip nat translations

The static translations are all present in the NAT table.

Router# clear ip nat translation *

Clears all dynamic address translation entries from the NAT translation table.

Router# show ip nat statistics

2.3 PAT/NAT Overload

Port Address Translation (PAT)/NAT overloading maps multiple private IPv4 addresses to a single public IPv4 address or a few addresses. PAT ensures that devices use a different TCP port number for each session with a server on the Internet.

Port Address Translation (PAT), also known as NAT overload, maps multiple private IPv4 addresses to a single public IPv4 address or a few addresses. This is what most home routers do. The ISP assigns one address to the router, yet several members of the household can simultaneously access the Internet. This is the most common form of NAT.
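The port bookkeeping described above, as an added example that is not part of the original page: a simplified Python model of a PAT table, not Cisco IOS behaviour in detail. The class and function names, the single 1024-65535 port range and the second host 192.168.10.11 are assumptions made for illustration; the other addresses are the ones used earlier on the page.

```python
from itertools import chain


class PatTable:
    """Simplified PAT (NAT overload) table: many inside local hosts share one inside global address."""

    def __init__(self, inside_global, first_port=1024, last_port=65535):
        self.inside_global = inside_global
        self.ports = range(first_port, last_port + 1)  # assumed single port range
        self.out = {}   # (proto, inside local ip, inside local port) -> global port
        self.back = {}  # (proto, global port) -> (inside local ip, inside local port)

    def translate_outbound(self, proto, src_ip, src_port):
        """Return the (inside global address, port) that replaces the packet's source."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            # Prefer the host's own source port; if another session already
            # holds it, fall back to the first free port in the range.
            port = next((p for p in chain([src_port], self.ports)
                         if p in self.ports and (proto, p) not in self.back), None)
            if port is None:
                raise RuntimeError("PAT port range exhausted")
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return self.inside_global, self.out[key]

    def translate_inbound(self, proto, dst_port):
        """Map a reply to its inside host; None means no entry exists and the packet is dropped."""
        return self.back.get((proto, dst_port))


def demo():
    pat = PatTable("209.165.200.226")
    # Constructed sample flows: two inside hosts both pick source port 1444.
    a = pat.translate_outbound("tcp", "192.168.10.10", 1444)
    b = pat.translate_outbound("tcp", "192.168.10.11", 1444)
    c = pat.translate_outbound("tcp", "192.168.10.10", 1444)  # same session, same entry
    reply = pat.translate_inbound("tcp", b[1])         # reply to the second host
    unsolicited = pat.translate_inbound("tcp", 8080)   # no session was ever opened
    return a, b, c, reply, unsolicited


if __name__ == "__main__":
    print(demo())
```

The reverse mapping held in `back` is the only record tying a public address and port to an inside host, so attributing a flow seen from outside requires the translation table or a log of it.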

2.4 Benefits of NAT:

    1. Conserves the legally registered addressing scheme
    2. Increases the flexibility of connections to the public network
    3. Provides consistency for internal network addressing schemes
    4. Provides network security

2.5 Disadvantages of NAT:

    1. Performance is degraded
    2. End-to-end functionality is degraded
    3. End-to-end IP traceability is lost
    4. Tunneling becomes more complicated
    5. Initiating TCP connections can be disrupted
