Home > Network Address Translation NAT Tutorial

Network Address Translation NAT Tutorial

May 22nd, 2011 Go to comments

To go to the Internet we need to get an public IP address and it is unique all over the world. If each host in the world required a unique public IP address, we would have run out of IP address years ago. But by using Network Address Translation (NAT) we can save tons of IP addresses for later uses. We can understand NAT like this:

“NAT allows a host that does not have a valid registered IP address to communicate with other hosts through the Internet”

For example your computer is assigned a private IP address of 10.0.0.9 and of course this address can not be routed on the internet but you can still access the internet. This is because your router (or modem) translates this address into a public IP address, 123.12.23.1 for example, before routing your data into the internet.

NAT_Basic.jpg

Of course when your router receives a reply packet destined for 123.12.23.1 it will convert back to your private IP 10.0.0.9 before sending that packet to you.

Maybe you will ask “hey, I don’t see any difference of using NAT to save tons of IP addresses because you still need a public IP address for each host to access the Internet and it doesn’t save you anything, why you need to use NAT?”

Ok, you are right :), in the above example we don’t see its usefulness but you now understand the fundamental of NAT!

Let’s take another example!

Suppose your company has 500 employees but your Internet Service Provider (ISP) only gives you 50 public IP addresses. It means that you can only allow 50 hosts to access the internet at the same time. Here NAT comes to save your life!

One thing you should notice that in real life, not all of your employees uses internet at the same time. Say, maybe 50 of them use internet to read newspaper at the morning; 50 others use internet at noon for checking mail… By using NAT you can dynamically assign these 50 public IP addresses to those who really need them at that time. This is called dynamic NAT.

But the above NAT solution does not solve our problem completely because in some days there can be more than 50 people surfing web at the morning. In this case, only the first 50 people can access internet, others must wait to their turns.

Another problem is, in fact, your ISP only gives you much lesser IP addresses than the number 50 because each public IP is very precious now.

To solve the two problems above, another feature of NAT can be used: NAT Overload or sometimes called Port Address Translation (PAT)

PAT permits multiple devices on a local area network (LAN) to be mapped to a single public IP address with different port numbers. Therefore, it’s also known as port address translation (PAT). When using PAT, the router maintains unique source port numbers on the inside global IP address to distinguish between translations. In the below example, each host is assigned to the same public IP address 123.1.1.1 1 but with different port numbers (from 1000 to 1002).

PAT_Basic.jpg

Note: Cisco uses the term inside local for the private IP addresses and inside global for the public IP addresses replaced by the router.

The outside host IP address can also be changed with NAT. The outside global address represents the outside host with a public IP address that can be used for routing in the public Internet.

The last term, outside local address, is a private address of an external device as it is referred to by devices on its local network. You can understand outside local address as the inside local address of the external device which lies at the other end of the Internet.

Maybe you will ask how many ports can we use for each IP? Well, because the port number field has 16 bits, PAT can support about 216 ports, which is more than 64,000 connections using one public IP address.

Now you has learned all the most useful features of NAT but we should summary all features of NAT:

There are two types of NAT translation: dynamic and static.

Static NAT: Designed to allow one-to-one mapping between local and global addresses. This flavor requires you to have one real Internet IP address for every host on your network.

Dynamic NAT: Designed to map an unregistered IP address to a registered IP address from a pool of registered IP addresses. You don’t have to statically configure your router to map an inside to an outside address as in static NAT, but you do have to have enough real IP addresses for everyone who wants to send packets through the Internet. With dynamic NAT, you can configure the NAT router with more IP addresses in the inside local address list than in the inside global address pool. When being defined in the inside global address pool, the router allocates registered public IP addresses from the pool until all are allocated. If all the public IP addresses are already allocated, the router discards the packet that requires a public IP address.

PAT (NAT Overloading): is also a kind of dynamic NAT that maps multiple private IP addresses to a single public IP address (many-to-one) by using different ports. Static NAT and Dynamic NAT both require a one-to-one mapping from the inside local to the inside global address. By using PAT, you can have thousands of users connect to the Internet using only one real global IP address. PAT is the technology that helps us not run out of public IP address on the Internet. This is the most popular type of NAT.

Besides NAT gives you the option to advertise only a single address for your entire network to the outside world. Doing this effectively hides the internal network from the public world really well, giving you some additional security for your network.

NAT terms:

* Inside local address – The IP address assigned to a host on the inside network. The address is usually not an IP address assigned by the Internet Network Information Center (InterNIC) or service provider. This address is likely to be an RFC 1918 private address.
* Inside global address – A legitimate IP address assigned by the InterNIC or service provider that represents one or more inside local IP addresses to the outside world.
* Outside local address – The IP address of an outside host as it is known to the hosts on the inside network.
* Outside global address – The IP address assigned to a host on the outside network. The owner of the host assigns this address.

NAT_terms_explained.jpg

To learn how to configure NAT please read my Configure NAT GNS3 Lab tutorial

Comments (50) Comments
Comment pages
1 3 4 5 6 511
  1. Someonethathopetopassccna
    July 23rd, 2016

    hi all, please can someone send me the latest ccna dumpfile? jidken0404(gmail) appreciate much

  2. Someonethathopetopassccna
    July 23rd, 2016

    Can anyone confirm that watson or konrad file still valid to study?

  3. ted
    July 28th, 2016

    ccna exam want to write below aug 20.2016

  4. ted
    July 28th, 2016

    after that syallubus completely will change

  5. Patick
    August 3rd, 2016

    Hello there

    Yes, Watson dumps are still valid. I did my exams today and got 980

  6. Anonymous
    August 9th, 2016

    Hello guys, i seriously need to write CCNA before 20/8/16. can i please have the most recent question sent to me {email not allowed}

  7. Ben
    August 9th, 2016

    Hello guys, can anyone send me the latest ccna dumps? emm25all at gmail.com. thanks

  8. LoL
    August 11th, 2016

    @Ben and Anonymousdude :D
    You find the dumbs here on 9tut. Go to CCNA FAQs & Tips, then scroll to Question Nr. 23.
    There is a link with the dumbs.

  9. Anonymous
    August 15th, 2016

    Hi Guys, I’m taking my exam this week on the 19th August morning, can someone please forward me the latest dump? I would really appreciate it. thanks.

  10. Anonymous
    August 15th, 2016

    Hi Guys, I’m taking my exam this week on the 19th August morning, can someone please forward me the latest dump? I would really appreciate it. thanks. {email not allowed}

  11. Anonymous
    August 17th, 2016

    Good day

    Hi guys, im writing on the 19 may you kindly send me the valid dupms. Much Appreciated {email not allowed}

  12. Anonymous
    August 18th, 2016

    network kings, send valid dumps to -sujindar666 @ gmail . com

  13. Anonymous
    August 18th, 2016

    {email not allowed}

  14. Anonymous
    August 19th, 2016

    Hi guys, PASSED my exam today. Took me less than 20mins. For real!!! best $9 i ever spent. waiting on my Friend to go get it done also. Thanks 9tut. PLEASE CCNP is next, where and how i should go about it? thanks to everybody also. Kindly send dumps on CCNP.

  15. Actual
    August 22nd, 2016

    New-VALID-DUMPS 200-125 at below website: REMOVE-SPACES

    b i t . l y / 2 b F 6 y 2 g

  16. Anonymous
    August 23rd, 2016

    Hi guys,Anybody with the new dumps? kindly send the Link to {email not allowed}

  17. patel
    August 23rd, 2016

    I passed my CCNA Ex . I am looking training for CCNP . Please let me know is any whole course training available for that in 9Tut

    Thanks
    PP

  18. Anonymous
    August 25th, 2016

    i passed for ccna 120-200 exam, this site very worth for who want to pass

  19. Anonymous
    August 28th, 2016

    Please share latest dump.

  20. Anonymous
    August 29th, 2016

    can any of you please share dumps of CCNA exam latest series?

  21. Anonymous
    August 30th, 2016

    Does anyone already took the CCNAv3? Please tell us your story and your approach. Please give us tips. Thank you in advance

  22. silo
    September 1st, 2016

    its my first time,i got the site from my boss.i want to start how do i go about,course outline and the exams as well as the tutorials

  23. Anonymous
    September 2nd, 2016

    Please help us pass the exam. Please provide us dumps.

  24. Kazedde
    September 6th, 2016

    Please show also the question of each to understand more.

  25. Miao
    September 17th, 2016

    Hi guys! Can anyone send me link where to get the latest ccna exam. Thanks a lot!

  26. Hej
    September 19th, 2016

    hej

  27. Riz
    September 19th, 2016

    any help would be apperciated

  28. Riz
    September 19th, 2016

    where to buy cisco dump

  29. Riz
    September 19th, 2016

    not available on prep4sure, pass4sure

  30. Janak – Bahrain
    September 25th, 2016

    I was not ready for the exam but sat for the last exam on 200-120 but scored 537 – I am happy. Now waiting for clues. comments on – 200-125 to take the exam. Did anyone get through 125?

  31. cisco
    September 29th, 2016

    now it’s very difficult to obtain Cisco dumps………….

  32. DK
    October 2nd, 2016

    great community, love you guys , amazing stuff

  33. Anonymous
    October 10th, 2016

    hi everyone i am looking for the latest dumps of ccnp routing
    could any one send it to me please
    {email not allowed}

  34. romy
    October 13th, 2016

    Here is All CCNA stuff at one Place. 58Qs 62Qs 401Qs All labs at below link copy to your address bar and remove spaces

    ccna200-125dumps.blo g s p o t . c o m

  35. Anonymous
    October 26th, 2016

    Please if someone can share me valid and latest dump for 200-125 to (toomuch.buit) gmail com.Will be great full.

  36. Anonymous
    November 2nd, 2016

    Hi, someone has information ccna sp?

  37. mosam
    November 12th, 2016

    please send me last dump ccna 200-125

    Email : {email not allowed}

  38. mosam
    November 12th, 2016

    please send me last dump ccna 200-125

    E m a i l : O s m a n s a l a h 7 4 @ y a h o o . c o m

    please remove the space

    thanks all

  39. Alea Adam
    November 18th, 2016

    I have passed my 200-125 exam yesterday with the help of passleaders .I got real exam questions dumps and passed in first attempt. Get them from http://www.passleaders.com/200-125-exam.html

  40. JPC
    November 30th, 2016

    I passed the exam! :) Yaaay!

    P.S understand all the topics do not just memorize coz version 3 exam is pretty much different from version 2.

  41. omaryou
    November 30th, 2016

    please JPC woul you shar us the dumps, and is it stable
    please send to me in {email not allowed}

  42. omaryou
    November 30th, 2016

    ker m iaa ma r 1@g m a il . c om

    JPC
    this is my email, there is no spaces

  43. macequation
    December 4th, 2016

    hi all, please can someone send me the latest ccna dumpfile?{email not allowed}

  44. macequation
    December 4th, 2016

    hi all, please can someone send me the latest ccna dumpfile?( mac equation @ gmail.com )
    there are no spaces in my email

  45. K B Memon
    December 4th, 2016

    please send me last dump ccna 200-125

    E m a i l : {email not allowed}

    thanks all

  46. toast
    December 4th, 2016

    please send me last dump ccna 200-125

  47. vas
    December 5th, 2016

    Please can any one send me ccna 200-125 dumps to s m a n t r a l a 9 6 @ g m a i l . c o m
    Plz I am writing this month.

  48. CCNA-v3
    December 15th, 2016

    Guys finally passes today 171q is super valid
    Lab acl mod 3 host , ospf , dhcp Ntp, ripv2

    Dumps at below webpage: remover asteriks
    ccna200-125dumps.blogs*pot.co*m

  49. Anonymous
    December 17th, 2016

    Can i get the lastest dum please @ v a n s h u n h i n e s @ gmail.com

Comment pages
1 3 4 5 6 511