Home > Network Address Translation NAT Tutorial

Network Address Translation NAT Tutorial

May 22nd, 2011 Go to comments

To go to the Internet we need to get an public IP address and it is unique all over the world. If each host in the world required a unique public IP address, we would have run out of IP address years ago. But by using Network Address Translation (NAT) we can save tons of IP addresses for later uses. We can understand NAT like this:

“NAT allows a host that does not have a valid registered IP address to communicate with other hosts through the Internet”

For example your computer is assigned a private IP address of 10.0.0.9 and of course this address can not be routed on the internet but you can still access the internet. This is because your router (or modem) translates this address into a public IP address, 123.12.23.1 for example, before routing your data into the internet.

NAT_Basic.jpg

Of course when your router receives a reply packet destined for 123.12.23.1 it will convert back to your private IP 10.0.0.9 before sending that packet to you.

Maybe you will ask “hey, I don’t see any difference of using NAT to save tons of IP addresses because you still need a public IP address for each host to access the Internet and it doesn’t save you anything, why you need to use NAT?”

Ok, you are right :), in the above example we don’t see its usefulness but you now understand the fundamental of NAT!

Let’s take another example!

Suppose your company has 500 employees but your Internet Service Provider (ISP) only gives you 50 public IP addresses. It means that you can only allow 50 hosts to access the internet at the same time. Here NAT comes to save your life!

One thing you should notice that in real life, not all of your employees uses internet at the same time. Say, maybe 50 of them use internet to read newspaper at the morning; 50 others use internet at noon for checking mail… By using NAT you can dynamically assign these 50 public IP addresses to those who really need them at that time. This is called dynamic NAT.

But the above NAT solution does not solve our problem completely because in some days there can be more than 50 people surfing web at the morning. In this case, only the first 50 people can access internet, others must wait to their turns.

Another problem is, in fact, your ISP only gives you much lesser IP addresses than the number 50 because each public IP is very precious now.

To solve the two problems above, another feature of NAT can be used: NAT Overload or sometimes called Port Address Translation (PAT)

PAT permits multiple devices on a local area network (LAN) to be mapped to a single public IP address with different port numbers. Therefore, it’s also known as port address translation (PAT). When using PAT, the router maintains unique source port numbers on the inside global IP address to distinguish between translations. In the below example, each host is assigned to the same public IP address 123.1.1.1 1 but with different port numbers (from 1000 to 1002).

PAT_Basic.jpg

Note: Cisco uses the term inside local for the private IP addresses and inside global for the public IP addresses replaced by the router.

The outside host IP address can also be changed with NAT. The outside global address represents the outside host with a public IP address that can be used for routing in the public Internet.

The last term, outside local address, is a private address of an external device as it is referred to by devices on its local network. You can understand outside local address as the inside local address of the external device which lies at the other end of the Internet.

Maybe you will ask how many ports can we use for each IP? Well, because the port number field has 16 bits, PAT can support about 216 ports, which is more than 64,000 connections using one public IP address.

Now you has learned all the most useful features of NAT but we should summary all features of NAT:

There are two types of NAT translation: dynamic and static.

Static NAT: Designed to allow one-to-one mapping between local and global addresses. This flavor requires you to have one real Internet IP address for every host on your network.

Dynamic NAT: Designed to map an unregistered IP address to a registered IP address from a pool of registered IP addresses. You don’t have to statically configure your router to map an inside to an outside address as in static NAT, but you do have to have enough real IP addresses for everyone who wants to send packets through the Internet. With dynamic NAT, you can configure the NAT router with more IP addresses in the inside local address list than in the inside global address pool. When being defined in the inside global address pool, the router allocates registered public IP addresses from the pool until all are allocated. If all the public IP addresses are already allocated, the router discards the packet that requires a public IP address.

PAT (NAT Overloading): is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports. Static NAT and Dynamic NAT both require a one-to-one mapping from the inside local to the inside global address. By using PAT, you can have thousands of users connect to the Internet using only one real global IP address. PAT is the technology that helps us not run out of public IP address on the Internet. This is the most popular type of NAT.

Besides NAT gives you the option to advertise only a single address for your entire network to the outside world. Doing this effectively hides the internal network from the public world really well, giving you some additional security for your network.

NAT terms:

* Inside local address – The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address.
* Inside global address – A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world.
* Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
* Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.

NAT_terms_explained.jpg

To learn how to configure NAT please read my Configure NAT GNS3 Lab tutorial

Comments (50) Comments
Comment pages
  1. mncedisi
    February 5th, 2016

    you will pass CCNA with flying colours

  2. Anonymous
    February 28th, 2016

    Please send me the latest dumps!!…or the link from which i can download!!

    Many thanks

  3. Anonymous
    March 4th, 2016

    Someone, please help me with ccna security dumps in pdf {email not allowed}

  4. sai
    March 9th, 2016

    I’m taking ccna switching and routing exam this week. Can someone send the latest dumps to {email not allowed}

  5. sai
    March 9th, 2016

    can someone send the dumps in pdf

  6. sai
    March 9th, 2016

    or send the link

  7. Anonymous
    March 10th, 2016

    Thanks. Good stuff. Kindly send me the latest dumps. I am sitting for my ccna on 30 March 2016

  8. JO
    March 24th, 2016

    can someone send me the latest dumps. And what i need in order to pass this exam just a general overview would be nice. I am sitting for the CCNA exam on April 10th 2016

  9. Anonymous
    April 10th, 2016

    How was the CCNA exam JO?

  10. bil
    April 11th, 2016

    Alhmdullillah, i passed ccna 200-120 today 980/1000, studying 9tut is enough to pass the exam.
    Thanks alot 9tut.

  11. John T
    April 13th, 2016

    Can someone email me at latest dumps at davian.litchmore at yahoo.com

  12. Anonymous
    April 14th, 2016

    is there new question guys

  13. ccna
    April 29th, 2016

    mail machonahgodfrey@gmail is requesting you the latest cccna latest dumbs . please kindly help me

  14. Smithk554
    May 7th, 2016

    Please add more movies related to cooking if you have, because I wish for to learn more and more about all recipes of cooking. dabegcefggedagdf

  15. xyfurage
    May 12th, 2016

    Can someone email me at latest dumps at {email not allowed} thanks guys :)

  16. xyfurage
    May 12th, 2016

    Can someone email me at latest dumps at xyfurage04@gmail thanks guys

  17. Smithf168
    May 22nd, 2016

    Your weblog is 1 of a kind, i really like the way you organize the topics. faeegffkeafeddce

  18. keithcq
    May 22nd, 2016

    Im on the 9tut.net website. Where do I sign up?

  19. Mark
    May 22nd, 2016

    Hey guys I heard ccna code had changed is it true r fake
    If is it share me latest dumps {email not allowed}

  20. Mark
    May 22nd, 2016

    Email thoufeequejawahar at gmail dot com

  21. Grace Mackay
    May 25th, 2016

    Latest and updated Certssafe Real Exam Question Answers available. Answers Verified by Experts. 
    http://www.certssafe.com/350-029-practice-test.html

  22. Anonymous
    May 27th, 2016

    Sherazi
    Hey guys i heard ccna code and dums are changed it is true or fake
    If is it then please shared a link of latest dums and tell me about the validation of ccna exam 200-120 Please

  23. sherazi
    May 27th, 2016

    {email not allowed}

  24. Anonymous
    May 27th, 2016

    am writing 200-120 tomorow please any changes email. me santox at gmail dot com

  25. santox
    May 27th, 2016

    am writing 200-120 tomorow please any changes email. me santox45 at gmail dot com

  26. Anonymous
    May 27th, 2016

    do they have ccna data center

  27. Hasan
    May 28th, 2016

    Can someone email me at latest dumps at {email not allowed} thanks guys

  28. Smithe762
    May 31st, 2016

    Heya im for the first time here. I found this board and I find It really useful &amp it helped me out much. I hope to give something back and help others like you aided me. dfdcdgdbdadcfaae

  29. Anonymous
    June 10th, 2016

    May 28th, 2016
    Can someone email me at latest dumps at mahmoudhamid101@gmail

  30. saibunur
    June 12th, 2016

    Can someone email the dumps of the latest ccna exams thanks at {email not allowed}

  31. saibunur
    June 12th, 2016

    Can someone pls email the dumps of the latest ccna exams thanks at saibunur at gmail dot com

  32. Seyex007
    June 13th, 2016

    Can someone email me the latest dumps for the ccna exams at seyex007 at yahoo dot com
    Thanks

  33. Smithe202
    June 17th, 2016

    Hey. Cool post. There’s a dilemma together with your website in chrome, and you may want to check this The browser will be the market leader and a huge component of other people will omit your great writing because of this issue. gffedfeedccddgek

  34. Anonymous
    June 17th, 2016

    please send me latest dumps at m.abdullah_22@hotmail

  35. Anonymous
    June 17th, 2016

    Hey can anyone tell me about the lab questions for CCNA R&S?

  36. Anonymous
    June 20th, 2016

    Hi, Can anyone please email me the latest dumps at {email not allowed}

  37. Tho
    June 24th, 2016

    Sorry for the spam email – {email not allowed}

  38. Tho
    June 24th, 2016

    nhibaonguyen@yahoo

  39. chuks
    July 4th, 2016

    seyex007 when do you want to take the exam so i send you my dumps?

  40. Eli
    July 13th, 2016

    can somebody send me a dump to {email not allowed}

  41. Eli
    July 13th, 2016

    please send me the dump: larijaniDOTarezou(gmail)

  42. Anonymous
    July 13th, 2016

    kindly send me latest dumps at {email not allowed}

  43. Frank
    July 13th, 2016

    kindly send me latest dumps at furqi_creed AT hotmail DOT com

  44. Guha: DUMPS for CCNA v3.0 is available
    July 16th, 2016

    Please share the latest dumps for CCNA v3.0 exam to {email not allowed}

  45. Anonymous
    July 17th, 2016

    pjhio

  46. Mazhar Hussain
    July 20th, 2016

    can somebody share latest updates regarding exam 200-120 ?? has paper been changed??

  47. Anonymous
    July 20th, 2016

    can someone please send me latest dumps for ccna exam at arwahussein at Hotmail dot com

  48. Anonymous
    July 21st, 2016

    where can I get the latest VCE simiulator, could someone let me know

    Thank you

  49. Anonymous
    July 21st, 2016

    hi everyone, why we cant see the Questions, but just the explanations???.

  50. Someonethathopetopassccna
    July 23rd, 2016

    hi all, please can someone send me the latest ccna dumpfile? jidken0404(gmail) appreciate much

Comment pages
Add a Comment