Network Address Translation (NAT)
To access the Internet, one public IP address is needed, but we can use private IP addresses inside our private network. The idea of NAT is to allow multiple devices to access the Internet through a single public address. To achieve this, private IP addresses must be translated to a public IP address. Network Address Translation (NAT) is a process in which one or more local IP addresses are translated into one or more global IP addresses, and vice versa, in order to provide Internet access to the local hosts. It also translates port numbers, i.e. it masks the port number of the host with another port number in the packet that will be routed to the destination. It then makes the corresponding entries of IP address and port number in the NAT table. NAT generally operates on a router or firewall.
Generally, the border router is configured for NAT, i.e. the router that has one interface in the local (inside) network and one interface in the global (outside) network. When a packet leaves the local (inside) network, NAT converts the local (private) IP address to a global (public) IP address. When a packet enters the local network, the global (public) IP address is converted to a local (private) IP address.
If NAT runs out of addresses, i.e. no address is left in the configured pool, the packets are dropped and an Internet Control Message Protocol (ICMP) host unreachable packet is sent to the destination.
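The translation table and the pool-exhaustion behaviour described above, as an added Python sketch that is not part of the original article and is not a real router implementation. The class name NatTable, the addresses and the two-port pool are constructed for illustration, and the ICMP message is not modelled (a dropped packet is returned as None).

```python
# Added illustration: a minimal PAT-style NAT table (hypothetical names throughout).
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


class NatTable:
    def __init__(self, public_ip: str, port_pool: range) -> None:
        self.public_ip = public_ip
        self.free_ports = list(port_pool)            # translated ports still available
        self.out_map: Dict[Endpoint, Endpoint] = {}  # inside (private) -> outside (public)
        self.in_map: Dict[Endpoint, Endpoint] = {}   # outside (public) -> inside (private)

    def outbound(self, src: Endpoint) -> Optional[Endpoint]:
        """Translate the source of a packet leaving the inside network."""
        if src in self.out_map:                      # existing entry: reuse it
            return self.out_map[src]
        if not self.free_ports:                      # pool exhausted: packet is dropped
            return None
        mapped = (self.public_ip, self.free_ports.pop(0))
        self.out_map[src] = mapped                   # record the entry in both directions
        self.in_map[mapped] = src
        return mapped

    def inbound(self, dst: Endpoint) -> Optional[Endpoint]:
        """Translate the destination of a packet entering the inside network."""
        return self.in_map.get(dst)                  # None: no entry, no host to forward to


def demo() -> dict:
    # Constructed sample values: RFC 5737 public address, RFC 1918 hosts, 2-port pool.
    nat = NatTable("203.0.113.5", range(40000, 40002))
    a = nat.outbound(("192.168.1.10", 51000))
    b = nat.outbound(("192.168.1.11", 51000))        # same source port, different host
    return {
        "a": a,
        "b": b,
        "a_again": nat.outbound(("192.168.1.10", 51000)),
        "reply_to_a": nat.inbound(a),
        "unsolicited": nat.inbound(("203.0.113.5", 40500)),
        "exhausted": nat.outbound(("192.168.1.12", 51000)),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:12} {value}")
```

Two inside hosts using the same source port receive different translated ports on the shared public address, and an inbound packet with no table entry has nowhere to be forwarded.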
1.
- Static NAT
- Dynamic NAT
2. Port Address Translation (PAT)
Advantages of NAT –
· NAT conserves legally registered IP addresses.
· It provides privacy, because the IP address of the device sending and receiving the traffic is hidden.
· Eliminates address renumbering when a network evolves.
Disadvantages of NAT –
· Translation results in switching path delays.
· Certain applications will not function while NAT is enabled.
· Complicates tunneling protocols such as IPsec.
· Also, the router, being a network layer device, should not tamper with port numbers (transport layer), but it has to do so because of NAT.